Difference between revisions of "Terraform resource: aws iam role policy attachment"
(17 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | + | * <code>[[aws_iam_role_policy_attachment]]</code> ([https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment ref]) | |
− | # module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSClusterPolicy[0] will be created | + | |
+ | [[aws_iam_policy]] + [[aws_iam_role]] -> [[aws_iam_role_policy_attachment]] | ||
+ | |||
+ | == Examples == | ||
+ | |||
+ | Module: | ||
+ | # module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSClusterPolicy[0] [[will be created]] | ||
+ resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSClusterPolicy" { | + resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSClusterPolicy" { | ||
+ id = (known after apply) | + id = (known after apply) | ||
− | + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy" | + | + policy_arn = "arn:aws:iam::aws:policy/[[AmazonEKSClusterPolicy]]" |
+ role = (known after apply) | + role = (known after apply) | ||
} | } | ||
+ | |||
+ | |||
+ | resource "aws_iam_role_policy_attachment" "your_node_policy" { | ||
+ | role = aws_iam_role.your_node_role.name | ||
+ | policy_arn = "[[arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore]]" | ||
+ | } | ||
+ | |||
+ | {{aws eks node group official example}} | ||
== Related == | == Related == | ||
* Terraform resource: <code>[[aws_iam_role]]</code> | * Terraform resource: <code>[[aws_iam_role]]</code> | ||
+ | * <code>[[aws_eks_node_group]]</code> | ||
+ | * <code>[[aws_iam_instance_profile]]</code> | ||
+ | * Terraform resource: <code>[[aws_iam_role_policy]]</code> | ||
== See also == | == See also == | ||
− | * {{terraform aws}} | + | * {{aws_iam_role_policy_attachment}} |
+ | * {{terraform aws iam resources}} | ||
[[Category:Terraform]] | [[Category:Terraform]] |
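Review bot: In the added `your_node_policy` block, the `policy_arn` line wraps the entire ARN in a wiki link ("[[arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore]]"), while the `cluster_AmazonEKSClusterPolicy` block above it links only the policy name ([[AmazonEKSClusterPolicy]]). Linking only `AmazonSSMManagedInstanceCore` would keep the two consistent. The new block also has no label, unlike the plan output under "Module:", and it references `aws_iam_role.your_node_role`, which is not defined anywhere in this revision; a one-line label and a pointer to [[aws_iam_role]] would make that dependency clear to readers.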
Latest revision as of 02:27, 17 June 2024
aws_iam_policy + aws_iam_role -> aws_iam_role_policy_attachment
Examples
Module:
 # module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSClusterPolicy[0] will be created
 + resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSClusterPolicy" {
     + id         = (known after apply)
     + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
     + role       = (known after apply)
   }

 resource "aws_iam_role_policy_attachment" "your_node_policy" {
   role       = aws_iam_role.your_node_role.name
   policy_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
 }

 resource "aws_eks_node_group" "example" {
   cluster_name    = aws_eks_cluster.example.name
   node_group_name = "example"
   node_role_arn   = aws_iam_role.example.arn
   subnet_ids      = aws_subnet.example[*].id

   scaling_config {
     desired_size = 1
     max_size     = 2
     min_size     = 1
   }

   update_config {
     max_unavailable = 1
   }

   # Ensure that IAM Role permissions are created before and deleted after EKS Node Group handling.
   # Otherwise, EKS will not be able to properly delete EC2 Instances and Elastic Network Interfaces.
   depends_on = [
     aws_iam_role_policy_attachment.example-AmazonEKSWorkerNodePolicy,
     aws_iam_role_policy_attachment.example-AmazonEKS_CNI_Policy,
     aws_iam_role_policy_attachment.example-AmazonEC2ContainerRegistryReadOnly,
   ]
 }
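Added example, not part of the original wiki page or the provider's documentation: the relationship `aws_iam_policy` + `aws_iam_role` -> `aws_iam_role_policy_attachment` written out in full, using a customer-managed policy scoped to one action instead of an AWS-managed one. It defines the `aws_iam_role.your_node_role` that the snippet above references; the role name string, the policy, the data source names and the bucket name are assumptions chosen for illustration.

```hcl
# Trust policy: only the EC2 service may assume this role (assumed use case: worker nodes).
data "aws_iam_policy_document" "node_assume" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "your_node_role" {
  name               = "your-node-role" # hypothetical name
  assume_role_policy = data.aws_iam_policy_document.node_assume.json
}

# Permissions policy: a single read action on a single bucket (placeholder bucket name).
data "aws_iam_policy_document" "read_artifacts" {
  statement {
    effect    = "Allow"
    actions   = ["s3:GetObject"]
    resources = ["arn:aws:s3:::example-artifacts-bucket/*"]
  }
}

resource "aws_iam_policy" "read_artifacts" {
  name   = "read-artifacts" # hypothetical name
  policy = data.aws_iam_policy_document.read_artifacts.json
}

# The attachment links the two by reference, so Terraform creates the role and
# the policy before the attachment and removes the attachment before either of them.
resource "aws_iam_role_policy_attachment" "read_artifacts" {
  role       = aws_iam_role.your_node_role.name
  policy_arn = aws_iam_policy.read_artifacts.arn
}
```

Referencing `aws_iam_policy.read_artifacts.arn` rather than a hard-coded ARN string lets `terraform plan` show the policy document that the role will receive in the same change set as the attachment.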
Related
- Terraform resource: aws_iam_role
- aws_eks_node_group
- aws_iam_instance_profile
- Terraform resource: aws_iam_role_policy
See also
- aws_iam_role_policy_attachment
- Terraform IAM resources: aws_iam_user, aws_iam_group, aws_iam_role, aws_iam_role_policy_attachment, aws_iam_policy, aws_iam_role_policy, aws_iam_user_policy, aws_iam_user_policy_attachment, aws_iam_access_key, aws_iam_group_policy, aws_iam_group_policy_attachment, aws_iam_openid_connect_provider