IAM for AWS cert-manager
This Terraform module provides an easy way to generate the IAM permissions required by cert-manager.
⚠️ Warning: this module uses "IAM Roles for ServiceAccount" to inject AWS credentials inside cluster autoscaler pods
Requirements
Name | Version |
---|---|
terraform | >= 0.15.4 |
aws | >= 3.37.0 |
Providers
Name | Version |
---|---|
aws | >= 3.37.0 |
Modules
Name | Source | Version |
---|---|---|
cert_manager_iam_assumable_role | terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc | v3.16.0 |
Resources
Name | Type |
---|---|
aws_iam_policy.cert_manager | resource |
aws_eks_cluster.this | data source |
Inputs
Name | Description | Type | Default | Required |
---|---|---|---|---|
cluster_name | EKS cluster name | string | n/a | yes |
public_zone_id | Route53 public zone ID | string | n/a | yes |
tags | Additional tags for the created resources | map(string) | {} | no |
Outputs
Name | Description |
---|---|
cert_manager_iam_role_arn | cert-manager IAM role |
cert_manager_patches | cert-manager Kubernetes resources patches |
Usage
```hcl
module "cert_manager_iam_role" {
  source         = "../vendor/modules/ingress/aws-cert-manager"
  cluster_name   = "myekscluster"
  public_zone_id = "Z1BM4RA99PG48O"
  tags           = {"mykey": "myvalue"}
}
```