Configure IAM role and related policies to use EKS Service Accounts with the external-dns service.
module "external_dns" {
source = "git::https://github.com/rhythmictech/terraform-aws-eks-iam-external-dns"
cluster_name = module.eks.cluster_name
issuer_url = module.eks.cluster_issuer_url
kubernetes_namespace = "kube-system"
}
Name | Version |
---|---|
terraform | >= 0.12.20 |
aws | >= 3.8 |
Name | Version |
---|---|
aws | >= 3.8 |
No modules.
Name | Type |
---|---|
aws_iam_policy.route53_access | resource |
aws_iam_role.external_dns | resource |
aws_iam_role_policy_attachment.route53_access | resource |
aws_caller_identity.current | data source |
aws_iam_policy_document.oidc_assume | data source |
aws_iam_policy_document.route53_access | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
cluster_name | n/a | string |
n/a | yes |
issuer_url | OIDC issuer URL (include prefix) | string |
n/a | yes |
allowed_zones | List of zones this service account is permitted to update (in ARN format) | list(string) |
[ |
no |
kubernetes_namespace | Namespace to operate in (service accounts and pods must be in the same namespace) | string |
"default" |
no |
service_account | Name of service account to create (computed based on cluster name if not specified) | string |
"" |
no |
tags | Tags to add to supported resources | map(string) |
{} |
no |
Name | Description |
---|---|
iam_role_external_dns_arn | n/a |
service_account | n/a |