wbyc/terraform-aws-eks-cluster
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

disabled asume role since it's not being used in this particular config

Browse Source
This commit is contained in:
Patrick de Ruiter 2021-06-08 23:04:43 +02:00
parent 173de1a594
commit 299f34a0fe
1 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
auth.tf
View File

@ -123,17 +123,17 @@ resource "null_resource" "apply_configmap_auth" {
which kubectl which kubectl
fi fi
aws_cli_assume_role_arn=${var.aws_cli_assume_role_arn} #aws_cli_assume_role_arn=${var.aws_cli_assume_role_arn}
aws_cli_assume_role_session_name=${var.aws_cli_assume_role_session_name} #aws_cli_assume_role_session_name=${var.aws_cli_assume_role_session_name}
if [[ -n "$aws_cli_assume_role_arn" && -n "$aws_cli_assume_role_session_name" ]] ; then #if [[ -n "$aws_cli_assume_role_arn" && -n "$aws_cli_assume_role_session_name" ]] ; then
echo 'Assuming role ${var.aws_cli_assume_role_arn} ...' # echo 'Assuming role ${var.aws_cli_assume_role_arn} ...'
mkdir -p ${local.external_packages_install_path} # mkdir -p ${local.external_packages_install_path}
cd ${local.external_packages_install_path} # cd ${local.external_packages_install_path}
curl -L https://github.com/stedolan/jq/releases/download/jq-${var.jq_version}/jq-linux64 -o jq # curl -L https://github.com/stedolan/jq/releases/download/jq-${var.jq_version}/jq-linux64 -o jq
chmod +x ./jq # chmod +x ./jq
source <(aws --output json sts assume-role --role-arn "$aws_cli_assume_role_arn" --role-session-name "$aws_cli_assume_role_session_name" | jq -r '.Credentials | @sh "export AWS_SESSION_TOKEN=\(.SessionToken)\nexport AWS_ACCESS_KEY_ID=\(.AccessKeyId)\nexport AWS_SECRET_ACCESS_KEY=\(.SecretAccessKey) "') # source <(aws --output json sts assume-role --role-arn "$aws_cli_assume_role_arn" --role-session-name "$aws_cli_assume_role_session_name" | jq -r '.Credentials | @sh "export AWS_SESSION_TOKEN=\(.SessionToken)\nexport AWS_ACCESS_KEY_ID=\(.AccessKeyId)\nexport AWS_SECRET_ACCESS_KEY=\(.SecretAccessKey) "')
echo 'Assumed role ${var.aws_cli_assume_role_arn}' # echo 'Assumed role ${var.aws_cli_assume_role_arn}'
fi #fi
echo 'Applying Auth ConfigMap with kubectl...' echo 'Applying Auth ConfigMap with kubectl...'
#aws eks update-kubeconfig --name=${local.cluster_name} --region=${var.region} --kubeconfig=${var.kubeconfig_path} ${var.aws_eks_update_kubeconfig_additional_arguments} --role arn:aws:iam::802657318978:role/x-carnext-admin #aws eks update-kubeconfig --name=${local.cluster_name} --region=${var.region} --kubeconfig=${var.kubeconfig_path} ${var.aws_eks_update_kubeconfig_additional_arguments} --role arn:aws:iam::802657318978:role/x-carnext-admin