terraform create service aws eks using local aws_iam_role
To create an AWS EKS service using a local AWS IAM role in Terraform, you can follow the steps below:
- Create an IAM role using Terraform:
```hcl
resource "aws_iam_role" "eks_role" {
  name = "eks_role"
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect = "Allow"
        Principal = {
          Service = "eks.amazonaws.com"
        }
        Action = "sts:AssumeRole"
      }
    ]
  })
}
```
- Attach the necessary policies to the IAM role:
```hcl
resource "aws_iam_role_policy_attachment" "eks_role_policy_attachment" {
  policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
  role       = aws_iam_role.eks_role.name
}
# Legacy policy: AWS no longer requires it for clusters created on or after April 16, 2020.
resource "aws_iam_role_policy_attachment" "eks_role_policy_attachment_2" {
  policy_arn = "arn:aws:iam::aws:policy/AmazonEKSServicePolicy"
  role       = aws_iam_role.eks_role.name
}
```
- Create an EKS cluster using the IAM role:
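```hcl
resource "aws_eks_cluster" "eks_cluster" {
  name     = "eks_cluster"
  role_arn = aws_iam_role.eks_role.arn
  vpc_config {
    subnet_ids = ["subnet-xxxxxxxxx", "subnet-yyyyyyyyy", "subnet-zzzzzzzzz"]
  }
  # Create the cluster only after the role's policies are attached.
  depends_on = [
    aws_iam_role_policy_attachment.eks_role_policy_attachment,
    aws_iam_role_policy_attachment.eks_role_policy_attachment_2,
  ]
}
```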
- Create an EKS node group using the IAM role:
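```hcl
resource "aws_eks_node_group" "eks_node_group" {
  cluster_name    = aws_eks_cluster.eks_cluster.name
  node_group_name = "eks_node_group"
  # The node role must be assumable by ec2.amazonaws.com and hold the worker-node policies.
  node_role_arn = aws_iam_role.eks_role.arn
  subnet_ids    = ["subnet-xxxxxxxxx", "subnet-yyyyyyyyy", "subnet-zzzzzzzzz"]
  scaling_config { # required block; sizes are example values
    desired_size = 1
    min_size     = 1
    max_size     = 1
  }
}
```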
Note: Replace the subnet IDs and policy ARNs with your own values. Also, make sure that you have the required permissions to create IAM roles, policies, EKS clusters, and node groups in AWS.
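An added example (not part of the original page): EKS worker nodes are EC2 instances, so a node group needs a role that trusts `ec2.amazonaws.com` and carries the worker-node policies, kept separate from the cluster role so the control plane and the nodes each hold only their own permissions. The names `eks_node_role` and `eks_node_group_dedicated` and the scaling sizes are assumptions; the block reuses the page's `aws_eks_cluster.eks_cluster` and placeholder subnet IDs and stands in for the node group in the last step.

```hcl
# Added example, not from the original page. The resource names eks_node_role and
# eks_node_group_dedicated are hypothetical; subnet IDs are the page's placeholders.

# Worker nodes are EC2 instances, so the trust policy names ec2.amazonaws.com,
# not eks.amazonaws.com as the cluster role does.
resource "aws_iam_role" "eks_node_role" {
  name = "eks_node_role"
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect    = "Allow"
        Principal = { Service = "ec2.amazonaws.com" }
        Action    = "sts:AssumeRole"
      }
    ]
  })
}

# AWS managed policies that a managed node group's role needs.
resource "aws_iam_role_policy_attachment" "eks_node_role_policies" {
  for_each = toset([
    "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
    "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy",
    "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly",
  ])
  policy_arn = each.value
  role       = aws_iam_role.eks_node_role.name
}

resource "aws_eks_node_group" "eks_node_group_dedicated" {
  cluster_name    = aws_eks_cluster.eks_cluster.name
  node_group_name = "eks_node_group_dedicated"
  node_role_arn   = aws_iam_role.eks_node_role.arn
  subnet_ids      = ["subnet-xxxxxxxxx", "subnet-yyyyyyyyy", "subnet-zzzzzzzzz"]

  # Example sizes (constructed values); scaling_config itself is required.
  scaling_config {
    desired_size = 2
    min_size     = 1
    max_size     = 3
  }

  # Attach the policies before nodes launch, and detach them only after the nodes are gone.
  depends_on = [aws_iam_role_policy_attachment.eks_node_role_policies]
}
```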
Original address: https://www.cveoy.top/t/topic/cdn7 Copyright belongs to the author. Do not repost or scrape!