33 lines
981 B
Terraform
33 lines
981 B
Terraform
|
resource "aws_iam_user" "default" {
|
||
|
name = "${var.name}-user"
|
||
|
}
|
||
|
|
||
|
resource "aws_iam_policy" "parameters_external_secrets_policy" {
|
||
|
name = "${var.name}-parameters-external-secrets-policy"
|
||
|
policy = file("${path.module}/iam-policies/parameters-external-secrets-policy.json")
|
||
|
}
|
||
|
|
||
|
resource "aws_iam_policy_attachment" "parameters_external_secrets_attachment" {
|
||
|
name = "${var.name}-parameters-external-secrets-attachment"
|
||
|
users = [aws_iam_user.default.name]
|
||
|
policy_arn = aws_iam_policy.parameters_external_secrets_policy.arn
|
||
|
}
|
||
|
|
||
|
resource "aws_iam_access_key" "default" {
|
||
|
user = aws_iam_user.default.name
|
||
|
}
|
||
|
|
||
|
resource "kubernetes_secret" "default" {
|
||
|
metadata {
|
||
|
name = "${var.name}-access-key"
|
||
|
namespace = "kube-system"
|
||
|
labels = {
|
||
|
"app.kubernetes.io/managed-by": "terraform"
|
||
|
}
|
||
|
}
|
||
|
|
||
|
data = {
|
||
|
access-key = aws_iam_access_key.default.id
|
||
|
secret-access-key = aws_iam_access_key.default.secret
|
||
|
}
|
||
|
}
|