Skip to content

Commit

Permalink
feat: Add auto discovery permission of cluster endpoint to Karpenter …
Browse files Browse the repository at this point in the history 
…role (#2451)

Co-authored-by: Bryant Biggs <[email protected]>
  • Loading branch information
@woehrl01 @bryantbiggs
woehrl01 and bryantbiggs authored Feb 15, 2023
1 parent 07653b6 commit c4a4b8a
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions modules/karpenter/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,11 @@ data "aws_iam_policy_document" "irsa" {
resources = var.irsa_ssm_parameter_arns
}

statement {
actions = ["eks:DescribeCluster"]
resources = ["arn:${local.partition}:eks:*:${local.account_id}:cluster/${var.cluster_name}"]
}

statement {
actions = ["iam:PassRole"]
resources = [var.create_iam_role ? aws_iam_role.this[0].arn : var.iam_role_arn]
Expand Down

0 comments on commit c4a4b8a

Please sign in to comment.