rhythmictech/terraform-aws-eks-iam-external-dns

terraform-aws-eks-iam-external-dns

Configures an IAM role and related policies for using EKS service accounts with the external-dns service.

Usage

module "external_dns" {
  source               = "git::https://github.com/rhythmictech/terraform-aws-eks-iam-external-dns"
  cluster_name         = module.eks.cluster_name
  issuer_url           = module.eks.cluster_issuer_url
  kubernetes_namespace = "kube-system"
}
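
The allowed_zones input listed under Inputs defaults to every hosted zone in the account. The following is an added example, not part of the original README or the module's own code, that limits the role to a single zone and binds it to a service account. The zone name, the tag, and the use of the Kubernetes provider are assumptions, as is treating the service_account output as the service account's name.

```hcl
# Added example: values marked "assumed" are placeholders, not taken from this repository.

# Look up the one public hosted zone external-dns should manage.
data "aws_route53_zone" "apps" {
  name         = "apps.example.com." # assumed zone name
  private_zone = false
}

module "external_dns" {
  # Appending ?ref=<tag or commit> to the source pins the module to a reviewed revision.
  source               = "git::https://github.com/rhythmictech/terraform-aws-eks-iam-external-dns"
  cluster_name         = module.eks.cluster_name
  issuer_url           = module.eks.cluster_issuer_url
  kubernetes_namespace = "kube-system"

  # Replace the default "arn:aws:route53:::hostedzone/*" with a single zone ARN.
  allowed_zones = [
    "arn:aws:route53:::hostedzone/${data.aws_route53_zone.apps.zone_id}",
  ]

  tags = {
    Component = "external-dns" # assumed tag
  }
}

# Assumption: the service account is managed with the Kubernetes provider.
# The namespace must match kubernetes_namespace above, and the annotation is
# what EKS uses to associate the service account with the IAM role.
resource "kubernetes_service_account" "external_dns" {
  metadata {
    name      = module.external_dns.service_account # assumed to be the account name
    namespace = "kube-system"

    annotations = {
      "eks.amazonaws.com/role-arn" = module.external_dns.iam_role_external_dns_arn
    }
  }
}
```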


Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.12.20 |
| aws | >= 3.8 |

Providers

| Name | Version |
|------|---------|
| aws | >= 3.8 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_iam_policy.route53_access | resource |
| aws_iam_role.external_dns | resource |
| aws_iam_role_policy_attachment.route53_access | resource |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.oidc_assume | data source |
| aws_iam_policy_document.route53_access | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| cluster_name | n/a | string | n/a | yes |
| issuer_url | OIDC issuer URL (include prefix) | string | n/a | yes |
| allowed_zones | List of zones this service account is permitted to update (in ARN format) | list(string) | ["arn:aws:route53:::hostedzone/*"] | no |
| kubernetes_namespace | Namespace to operate in (service accounts and pods must be in the same namespace) | string | "default" | no |
| service_account | Name of service account to create (computed based on cluster name if not specified) | string | "" | no |
| tags | Tags to add to supported resources | map(string) | {} | no |

Outputs

| Name | Description |
|------|-------------|
| iam_role_external_dns_arn | n/a |
| service_account | n/a |