Skip to content

Commit

Permalink
Added efs-driver to addons; specified kms_key_id for encrypted local …
Browse files Browse the repository at this point in the history 
…disk.
  • Loading branch information
@zawac002
zawac002 committed Aug 18, 2023
1 parent f997687 commit ceffdd7
Showing 1 changed file with 20 additions and 0 deletions.
20 changes: 20 additions & 0 deletions main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,21 @@ module "ebs_csi_irsa_role" {
tags = local.tags
}

module "efs_csi_irsa_role" {
source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"

role_name = "${var.cluster_name}-efs-csi-driver"
attach_efs_csi_policy = true

oidc_providers = {
main = {
provider_arn = module.cluster.oidc_provider_arn
namespace_service_accounts = ["kube-system:efs-csi-controller-sa"]
}
}
tags = local.tags
}

module "cluster" {
source = "terraform-aws-modules/eks/aws"
version = "19.16.0"
Expand Down Expand Up @@ -118,6 +133,10 @@ module "cluster" {
most_recent = false
service_account_role_arn = module.ebs_csi_irsa_role.iam_role_arn
}
aws-efs-csi-driver = {
most_recent = false
service_account_role_arn = module.efs_csi_irsa_role.iam_role_arn
}
}

eks_managed_node_group_defaults = {
Expand Down Expand Up @@ -151,6 +170,7 @@ module "cluster" {
throughput = 125
encrypted = true
delete_on_termination = true
kms_key_id = data.aws_kms_key.ebs_key.arn
}
}
}
Expand Down

0 comments on commit ceffdd7

Please sign in to comment.