Skip to content

E
eks-alb-ingress
Commit f22b0d87 authored by Nick White's avatar Nick White
Browse files
Options

terraform 0.12.30

parent 27782e63
Show whitespace changes
Inline Side-by-side
Showing with 12 additions and 12 deletions
eks-alb-ingress.tf
View file @ f22b0d87
...@@ -8,7 +8,7 @@ resource "kubernetes_deployment" "aws_alb_ingress_deployment" { ...@@ -8,7 +8,7 @@ resource "kubernetes_deployment" "aws_alb_ingress_deployment" {
replicas = 1 replicas = 1
selector { selector {
match_labels { match_labels = {
name = "aws-alb-ingress-controller" name = "aws-alb-ingress-controller"
} }
} }
...@@ -17,11 +17,11 @@ resource "kubernetes_deployment" "aws_alb_ingress_deployment" { ...@@ -17,11 +17,11 @@ resource "kubernetes_deployment" "aws_alb_ingress_deployment" {
metadata { metadata {
name = "aws-alb-ingress-controller" name = "aws-alb-ingress-controller"
annotations { annotations = {
"iam.amazonaws.com/role" = "eks-alb-ingress-controller" "iam.amazonaws.com/role" = "eks-alb-ingress-controller"
} }
labels { labels = {
name = "aws-alb-ingress-controller" name = "aws-alb-ingress-controller"
} }
} }
...@@ -31,22 +31,22 @@ resource "kubernetes_deployment" "aws_alb_ingress_deployment" { ...@@ -31,22 +31,22 @@ resource "kubernetes_deployment" "aws_alb_ingress_deployment" {
termination_grace_period_seconds = 60 termination_grace_period_seconds = 60
volume { volume {
name = "${kubernetes_service_account.aws_alb_service_account.default_secret_name}" name = kubernetes_service_account.aws_alb_service_account.default_secret_name
secret { secret {
secret_name = "${kubernetes_service_account.aws_alb_service_account.default_secret_name}" secret_name = kubernetes_service_account.aws_alb_service_account.default_secret_name
} }
} }
container { container {
image = "amazon/aws-alb-ingress-controller:v1.1.2" image = " :v1.1.2"
name = "aws-alb-ingress-container" name = "aws-alb-ingress-container"
image_pull_policy = "IfNotPresent" image_pull_policy = "IfNotPresent"
args = ["--cluster-name=${var.cluster_name}"] args = ["--cluster-name=${var.cluster_name}"]
volume_mount { volume_mount {
mount_path = "/var/run/secrets/kubernetes.io/serviceaccount" mount_path = "/var/run/secrets/kubernetes.io/serviceaccount"
name = "${kubernetes_service_account.aws_alb_service_account.default_secret_name}" name = kubernetes_service_account.aws_alb_service_account.default_secret_name
read_only = true read_only = true
} }
......
iam.tf
View file @ f22b0d87
...@@ -17,7 +17,7 @@ data "aws_iam_policy_document" "ec2_assume" { ...@@ -17,7 +17,7 @@ data "aws_iam_policy_document" "ec2_assume" {
principals { principals {
type = "AWS" type = "AWS"
identifiers = ["${var.worker_iam_role_arn}"] identifiers = [var.worker_iam_role_arn]
} }
} }
} }
...@@ -138,15 +138,15 @@ data "aws_iam_policy_document" "ingress" { ...@@ -138,15 +138,15 @@ data "aws_iam_policy_document" "ingress" {
} }
resource "aws_iam_policy" "this" { resource "aws_iam_policy" "this" {
policy = "${data.aws_iam_policy_document.ingress.json}" policy = data.aws_iam_policy_document.ingress.json
} }
resource "aws_iam_role" "this" { resource "aws_iam_role" "this" {
name = "eks-alb-ingress-controller" name = "eks-alb-ingress-controller"
assume_role_policy = "${data.aws_iam_policy_document.ec2_assume.json}" assume_role_policy = data.aws_iam_policy_document.ec2_assume.json
} }
resource "aws_iam_role_policy_attachment" "this" { resource "aws_iam_role_policy_attachment" "this" {
role = "${aws_iam_role.this.name}" role = aws_iam_role.this.name
policy_arn = "${aws_iam_policy.this.arn}" policy_arn = aws_iam_policy.this.arn
} }
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment