Adding iam role, and security group

author: Spike <avlampson+git@gmail.com> 2019-05-09 11:11:39 +0100
committer: Spike <avlampson+git@gmail.com> 2019-05-09 11:11:39 +0100
commit: 3057ba38e7d47b79bd7872e12e70a9f46057a4bc (patch)
tree: 30cac368aa975667e025f8b7c2317c6dee5b55e9 /terraform/iam.tf
parent: c71b2c2c4231df0486322ad7113084d23fc2c35a (diff)
download: sensyne_demo-3057ba38e7d47b79bd7872e12e70a9f46057a4bc.zip
sensyne_demo-3057ba38e7d47b79bd7872e12e70a9f46057a4bc.tar.gz
sensyne_demo-3057ba38e7d47b79bd7872e12e70a9f46057a4bc.tar.bz2
1 files changed, 28 insertions, 0 deletions
diff --git a/terraform/iam.tf b/terraform/iam.tf
new file mode 100644
index 0000000..0286993
--- /dev/null
+++ b/terraform/iam.tf
@@ -0,0 +1,28 @@
+resource "aws_iam_role" "sensyne_demo_cluster" {
+    name = "sensyne_demo_eks_cluster"
+
+  assume_role_policy = <<POLICY
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Principal": {
+        "Service": "eks.amazonaws.com"
+      },
+      "Action": "sts:AssumeRole"
+    }
+  ]
+}
+POLICY
+}
+
+resource "aws_iam_role_policy_attachment" "demo_cluster_AmazonEKSClusterPolicy" {
+  policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
+  role       = "${aws_iam_role.sensyne_demo_cluster.name}"
+}
+
+resource "aws_iam_role_policy_attachment" "demo_cluster_AmazonEKSServicePolicy" {
+  policy_arn = "arn:aws:iam::aws:policy/AmazonEKSServicePolicy"
+  role       = "${aws_iam_role.sensyne_demo_cluster.name}"
+}
author	Spike <avlampson+git@gmail.com>	2019-05-09 11:11:39 +0100
committer	Spike <avlampson+git@gmail.com>	2019-05-09 11:11:39 +0100
commit	3057ba38e7d47b79bd7872e12e70a9f46057a4bc (patch)
tree	30cac368aa975667e025f8b7c2317c6dee5b55e9 /terraform/iam.tf
parent	c71b2c2c4231df0486322ad7113084d23fc2c35a (diff)
download	sensyne_demo-3057ba38e7d47b79bd7872e12e70a9f46057a4bc.zip sensyne_demo-3057ba38e7d47b79bd7872e12e70a9f46057a4bc.tar.gz sensyne_demo-3057ba38e7d47b79bd7872e12e70a9f46057a4bc.tar.bz2