Skip to content

Instantly share code, notes, and snippets.

@haarchri

haarchri/aws-auth.yaml

Created December 14, 2021 11:25
Show Gist options
  • Save haarchri/94e4afad26709296941c13d57a3817ca to your computer and use it in GitHub Desktop.
Save haarchri/94e4afad26709296941c13d57a3817ca to your computer and use it in GitHub Desktop.
Download ZIP
crossplane composition aws-auth
Raw
aws-auth.yaml
[...]
- name: aws-auth-configmap
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: v1
kind: ConfigMap
metadata:
namespace: kube-system
name: aws-auth
patches:
- fromFieldPath: spec.forProvider.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-eks-aws-auth"
- fromFieldPath: spec.forProvider.id
toFieldPath: spec.providerConfigRef.name
transforms:
- type: string
string:
fmt: "%s-kubernetes-kubeconfig"
- type: CombineFromComposite
combine:
variables:
- fromFieldPath: metadata.labels[tags.crossplane.io/account]
- fromFieldPath: spec.forProvider.id
- fromFieldPath: metadata.labels[tags.crossplane.io/account]
strategy: string
string:
fmt: |
- groups:
- system:bootstrappers
- system:nodes
rolearn: arn:aws:iam::%s:role/%s-ec2-assume
username: system:node:{{EC2PrivateDNSName}}
- groups:
- system:masters
rolearn: arn:aws:iam::%s:role/EKSAdminRole
username: eksadmin
toFieldPath: spec.forProvider.manifest.data.mapRoles
policy:
fromFieldPath: Optional
[...]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment