Difference between revisions of "Terraform resource: aws iam role policy attachment"
Jump to navigation
Jump to search
| Line 2: | Line 2: | ||
| − | + | == Examples == | |
Module: | Module: | ||
| Line 17: | Line 17: | ||
policy_arn = "[[arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore]]" | policy_arn = "[[arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore]]" | ||
} | } | ||
| + | |||
| + | {{aws eks node group official example}} | ||
== Related == | == Related == | ||
Revision as of 08:29, 26 February 2024
Examples
Module:
# module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSClusterPolicy[0] will be created + resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSClusterPolicy" { + id = (known after apply) + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy" + role = (known after apply) }
resource "aws_iam_role_policy_attachment" "your_node_policy" {
role = aws_iam_role.your_node_role.name
policy_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
}
resource "aws_eks_node_group" "example" { cluster_name = aws_eks_cluster.example.name node_group_name = "example" node_role_arn = aws_iam_role.example.arn subnet_ids = aws_subnet.example[*].id scaling_config { desired_size = 1 max_size = 2 min_size = 1 } update_config { max_unavailable = 1 } # Ensure that IAM Role permissions are created before and deleted after EKS Node Group handling. # Otherwise, EKS will not be able to properly delete EC2 Instances and Elastic Network Interfaces. depends_on = [ aws_iam_role_policy_attachment.example-AmazonEKSWorkerNodePolicy, aws_iam_role_policy_attachment.example-AmazonEKS_CNI_Policy, aws_iam_role_policy_attachment.example-AmazonEC2ContainerRegistryReadOnly, ] }
Related
- Terraform resource:
aws_iam_role - aws_eks_node_group
- aws_iam_instance_profile
See also
Advertising:
