From 8e371150df144cabb7b2a82ba8b2938eb68d620c Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Thu, 17 Apr 2025 17:22:55 -0400 Subject: [PATCH] add eecr_account_id --- README.md | 7 ++++++- copy_images.tf | 5 +++-- variables.tf | 6 ++++++ 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 2917130..73ff920 100644 --- a/README.md +++ b/README.md @@ -87,7 +87,8 @@ have a istio proxy configured, prevent communication with that pod.) | Name | Version | |------|---------| -| [aws](#provider\_aws) | 5.89.0 | +| [aws](#provider\_aws) | 5.94.1 | +| [aws.eecr](#provider\_aws.eecr) | 5.94.1 | | [helm](#provider\_helm) | 2.17.0 | | [kubernetes](#provider\_kubernetes) | 2.36.0 | @@ -106,6 +107,8 @@ have a istio proxy configured, prevent communication with that pod.) | [helm_release.ingress](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | | [helm_release.istiod](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | | [kubernetes_namespace.ns](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource | +| [aws_ecr_authorization_token.ecr_token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecr_authorization_token) | data source | +| [aws_ecr_authorization_token.token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecr_authorization_token) | data source | | [aws_lb.lb](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/lb) | data source | | [kubernetes_service.istio_ingressgateway](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/service) | data source | @@ -113,7 +116,9 @@ have a istio proxy configured, prevent communication with that pod.) | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [account\_id](#input\_account\_id) | aws account number | `string` | `""` | no | | [cluster\_name](#input\_cluster\_name) | The name of the cluster into which istio will be installed. | `string` | n/a | yes | +| [eecr\_account\_id](#input\_eecr\_account\_id) | enterpirse ecr source aws account number | `string` | `""` | no | | [enable\_egress\_gateway](#input\_enable\_egress\_gateway) | Enable Istio to control outbound traffic from the cluster. | `bool` | `true` | no | | [enable\_telemetry](#input\_enable\_telemetry) | Enable Istio's stracing, monitoring, and logging features. | `string` | `"true"` | no | | [extra\_listener\_ports](#input\_extra\_listener\_ports) | A list of additional ports that the ingress load balancer should listen to, 9094 for kafka as an example. | 
list(object({
    name = string
    port = string
  }))
| `[]` | no | diff --git a/copy_images.tf b/copy_images.tf index 2003852..b356aca 100644 --- a/copy_images.tf +++ b/copy_images.tf @@ -1,7 +1,7 @@ locals { pilot_key = format("%v#%v", "istio/pilot", var.istio_version) proxy_key = format("%v#%v", "istio/proxyv2", var.istio_version) - ent_ecr_source = format("%v.%v.%v.%v", var.account_id, "dkr.ecr", var.region, "amazonaws.com/ent-images") + ent_ecr_source = format("%v.%v.%v.%v", var.eecr_account_id, "dkr.ecr", var.region, "amazonaws.com/ent-images") image_config = [ { @@ -46,7 +46,8 @@ module "images" { } data "aws_ecr_authorization_token" "ecr_token" { - registry_id = var.account_id + provider = aws.eecr + registry_id = var.eecr_account_id } data "aws_ecr_authorization_token" "token" { diff --git a/variables.tf b/variables.tf index d174d3d..49e788a 100644 --- a/variables.tf +++ b/variables.tf @@ -15,6 +15,12 @@ variable "cluster_name" { type = string } +variable "eecr_account_id" { + description = "enterpirse ecr source aws account number" + type = string + default = "" +} + # tflint-ignore: terraform_unused_declarations variable "region" { description = "The region in which the cluster is running."