Skip to content

Instantly share code, notes, and snippets.

@nicusX
Created September 12, 2016 17:35
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save nicusX/e405765c04e4bb8e49f654c1b9793671 to your computer and use it in GitHub Desktop.
Save nicusX/e405765c04e4bb8e49f654c1b9793671 to your computer and use it in GitHub Desktop.
resource "aws_iam_role" "kubernetes" {
name = "kubernetes"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [ { "Effect": "Allow", "Principal": { "Service": "ec2.amazonaws.com" }, "Action": "sts:AssumeRole" } ]
}
EOF
}
resource "aws_iam_role_policy" "kubernetes" {
name = "kubernetes"
role = "${aws_iam_role.kubernetes.id}"
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{ "Action" : ["ec2:*"], "Effect": "Allow", "Resource": ["*"] },
{ "Action" : ["elasticloadbalancing:*"], "Effect": "Allow", "Resource": ["*"] },
{ "Action": "route53:*", "Effect": "Allow", "Resource": ["*"] },
{ "Action": "ecr:*", "Effect": "Allow", "Resource": "*" }
]
}
EOF
}
resource "aws_iam_instance_profile" "kubernetes" {
name = "kubernetes"
roles = ["${aws_iam_role.kubernetes.name}"]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment