jlengrand/engine
1
0
Fork 0
mirror of https://github.com/jlengrand/engine.git synced 2026-03-10 08:11:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
dev
engine/lib/aws/bootstrap/eks-ebs-csi-driver.tf
Romaric Philogene 5fab0ae0fc wip: change eks_cluster_id into kubernetes_cluster_id 
wip: change `eks_cluster_name` into `kubernetes_cluster_name`
2020-12-24 00:39:59 +01:00

37 lines
864 B
HCL
Raw Permalink Blame History

resource "aws_iam_policy" "eks_workers_ebs_csi" {
name = "qovery-aws-EBS-CSI-Driver-${var.kubernetes_cluster_id}"
description = "Policy for AWS CSI driver"
policy = <<POLICY
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:AttachVolume",
"ec2:CreateSnapshot",
"ec2:CreateTags",
"ec2:CreateVolume",
"ec2:DeleteSnapshot",
"ec2:DeleteTags",
"ec2:DeleteVolume",
"ec2:DescribeInstances",
"ec2:DescribeSnapshots",
"ec2:DescribeTags",
"ec2:DescribeVolumes",
"ec2:DetachVolume",
"ec2:ModifyVolume"
],
"Resource": "*"
}
]
}
POLICY
}
resource "aws_iam_role_policy_attachment" "workers_csi" {
policy_arn = aws_iam_policy.eks_workers_ebs_csi.arn
role = aws_iam_role.eks_workers.name
}
Reference in New Issue View Git Blame Copy Permalink