https://github.com/rhythmictech/terraform-aws-eks-iam-external-dns

Configure IAM role and related policies to use EKS Service Accounts with the external-dns service.

aws dns eks iam terraform terraform-module

Last synced: about 2 months ago

# terraform-aws-eks-iam-external-dns
[![](https://github.com/rhythmictech/terraform-aws-eks-iam-external-dns/workflows/check/badge.svg)](https://github.com/rhythmictech/terraform-aws-eks-iam-external-dns/actions)

Configure IAM role and related policies to use EKS Service Accounts with the external-dns service.

## Usage
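```
module "external_dns" {
  # This source is unpinned and tracks the default branch; Terraform git
  # sources accept ?ref=<tag-or-commit> (placeholder) to pin a reviewed revision.
  source               = "git::https://github.com/rhythmictech/terraform-aws-eks-iam-external-dns"
  cluster_name         = module.eks.cluster_name
  issuer_url           = module.eks.cluster_issuer_url
  kubernetes_namespace = "kube-system"
}
```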

## Requirements

| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 0.12.20 |
| [aws](#requirement\_aws) | >= 3.8 |

## Providers

| Name | Version |
|------|---------|
| [aws](#provider\_aws) | >= 3.8 |

## Modules

No modules.

## Resources

| Name | Type |
|------|------|
| [aws_iam_policy.route53_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
| [aws_iam_role.external_dns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_iam_role_policy_attachment.route53_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_iam_policy_document.oidc_assume](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_iam_policy_document.route53_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [cluster\_name](#input\_cluster\_name) | n/a | `string` | n/a | yes |
| [issuer\_url](#input\_issuer\_url) | OIDC issuer URL (include prefix) | `string` | n/a | yes |
| [allowed\_zones](#input\_allowed\_zones) | List of zones this service account is permitted to update (in ARN format) | `list(string)` | `["arn:aws:route53:::hostedzone/*"]` | no |
| [kubernetes\_namespace](#input\_kubernetes\_namespace) | Namespace to operate in (service accounts and pods must be in the same namespace) | `string` | `"default"` | no |
| [service\_account](#input\_service\_account) | Name of service account to create (computed based on cluster name if not specified) | `string` | `""` | no |
| [tags](#input\_tags) | Tags to add to supported resources | `map(string)` | `{}` | no |

## Outputs

| Name | Description |
|------|-------------|
| [iam\_role\_external\_dns\_arn](#output\_iam\_role\_external\_dns\_arn) | n/a |
| [service\_account](#output\_service\_account) | n/a |