Commit cb9478ee authored by Joshua David Akers's avatar Joshua David Akers

Merge branch 'nsadineni-master-patch-65069' into 'master'

PLATFORM-1800: Add PPRD OIDC endpoint to AWS Platform Role Connector

See merge request !9
parents 35a306a6 c18f440c
1 merge request!9PLATFORM-1800: Add PPRD OIDC endpoint to AWS Platform Role Connector
.terraform .terraform
.terraform* .terraform*
\ No newline at end of file terraform*
\ No newline at end of file
...@@ -31,7 +31,7 @@ Copy and paste into your Terraform configuration, insert or update the ...@@ -31,7 +31,7 @@ Copy and paste into your Terraform configuration, insert or update the
variables, and run `terraform init`: variables, and run `terraform init`:
``` ```
module "plaform_role_connector" { module "platform_role_connector" {
source = "git@code.vt.edu:it-common-platform/support/terraform/aws-platform-role-connector.git" source = "git@code.vt.edu:it-common-platform/support/terraform/aws-platform-role-connector.git"
role_name = "cluster-app-role" role_name = "cluster-app-role"
role_description = "A role that can be assumed by the Common Platform" role_description = "A role that can be assumed by the Common Platform"
...@@ -116,7 +116,7 @@ You may set these variables to override their default values. ...@@ -116,7 +116,7 @@ You may set these variables to override their default values.
| ---- | ---- | ----------- | ------- | | ---- | ---- | ----------- | ------- |
| **role_tags** | `map<string, string>` | Optional tags to apply to the IAM role | `{}` | **role_tags** | `map<string, string>` | Optional tags to apply to the IAM role | `{}`
| **create_oidc_provider** | `[bool]` | If true, an IAM Identity Provider will be created to point to the cluster's OIDC endpoint | `true` | **create_oidc_provider** | `[bool]` | If true, an IAM Identity Provider will be created to point to the cluster's OIDC endpoint | `true`
| **cluster** | `[string]` | The specific cluster to leverage for the OIDC provider | `prod` | **cluster** | `[string]` | The specific cluster to leverage for the OIDC provider [`prod`,`pprd`,`dvlp`] | `prod`
| **cluster_endpoint** | `[string]` | A specific cluster endpoint | `""` | **cluster_endpoint** | `[string]` | A specific cluster endpoint | `""`
......
locals { locals {
prod_endpoint = "oidc.eks.us-east-1.amazonaws.com/id/0488F38C8F97CB5B49EA6B41CE9BDA02" prod_endpoint = "oidc.eks.us-east-1.amazonaws.com/id/0488F38C8F97CB5B49EA6B41CE9BDA02"
dvlp_endpoint = "oidc.eks.us-east-1.amazonaws.com/id/E2C9E1285D5C797C659C4D6D064EFC19" pprd_endpoint = "oidc.eks.us-east-1.amazonaws.com/id/1A61BD7FC83AAF9659F4DDCAEAA63F4C"
dvlp_endpoint = "oidc.eks.us-east-1.amazonaws.com/id/593F9C017C1F5E41C3AE06A1FA53E345"
connector_url = "https://${local.url}" connector_url = "https://${local.url}"
url = (var.cluster_endpoint != "") ? var.cluster_endpoint : ((var.cluster == "prod") ? local.prod_endpoint : local.dvlp_endpoint) url = (var.cluster_endpoint != "") ? var.cluster_endpoint : ((var.cluster == "prod") ? local.prod_endpoint : ((var.cluster == "pprd") ? local.pprd_endpoint: local.dvlp_endpoint))
audience = "sts.amazonaws.com" audience = "sts.amazonaws.com"
} }
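Review bot: The nested conditional on the `url` line still ends in `local.dvlp_endpoint`, so any `var.cluster` value other than `prod` or `pprd` (a typo such as `ppr`, or a wrong case) silently trusts the dvlp cluster's OIDC issuer instead of failing the plan. For a value that decides which cluster's service accounts may assume the IAM role, an unknown name should be an error; a map lookup gives that and stays readable as clusters are added. A `validation` block on `variable "cluster"` restricting it to the three documented values would do the same job, but that declaration is not visible in this section. Separately, the dvlp issuer ID also changes here although the commit title only mentions PPRD; if that is intentional it deserves a line in the description, since existing dvlp consumers will presumably see their provider and trust policy change.

```hcl
locals {
  # … unchanged: prod_endpoint, pprd_endpoint, dvlp_endpoint …
  endpoints = {
    prod = local.prod_endpoint
    pprd = local.pprd_endpoint
    dvlp = local.dvlp_endpoint
  }
  # An unknown cluster name now fails on the missing key instead of falling back to dvlp.
  url = (var.cluster_endpoint != "") ? var.cluster_endpoint : local.endpoints[var.cluster]
  # … unchanged: connector_url, audience …
```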
......
...@@ -42,4 +42,4 @@ variable "cluster_endpoint" { ...@@ -42,4 +42,4 @@ variable "cluster_endpoint" {
type = string type = string
description = "A specific cluster endpoint" description = "A specific cluster endpoint"
default = "" default = ""
} }
\ No newline at end of file