XPodIdentity - upbound/configuration-aws-eks-pod-identity@v0.3.0

Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, Crossplane will not manage any inline policies in this resource. Configuring one empty block (i.e., inline_policy {}) will cause Crossplane to remove all inline policies added out of band on apply.

name

string

policy

string

managedPolicyArns

array

Set of exclusive IAM managed policy ARNs to attach to the IAM role. If this attribute is not configured, Crossplane will ignore policy attachments to this resource. When configured, Crossplane will align the role's managed policy attachments with this set by attaching or detaching managed policies. Configuring an empty set (i.e., managed_policy_arns = []) will cause Crossplane to remove all managed policy attachments.

providerConfigName

string

region

string

serviceAccount

requiredobject

Configuration for SA

name

requiredstring

namespace

requiredstring

status

object

No description provided.

podIdentity

object

configuration-aws-eks-pod-identity

apiVersion: aws.platform.upbound.io/v1alpha1
kind: XPodIdentity
metadata:
  name: configuration-aws-eks-pod-identity
spec:
  parameters:
    clusterNameSelector:
      matchLabels:
        crossplane.io/composite: configuration-aws-eks-pod-identity
    inlinePolicy:
      - name: default
        policy: |
          {
              "Version": "2012-10-17",
              "Statement": [
                  {
                      "Action": [
                          "kms:Decrypt",
                          "kms:DescribeKey"
                      ],
                      "Effect": "Allow",
                      "Resource": "*"
                  }
              ]
          }
    managedPolicyArns:
      - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
    region: us-west-2
    serviceAccount:
      name: my-controller
      namespace: kube-system

configuration-aws-eks-pod-identity-kcl

apiVersion: aws.platform.upbound.io/v1alpha1
kind: XPodIdentity
metadata:
  name: configuration-aws-eks-pod-identity-kcl
spec:
  compositionSelector:
    matchLabels:
      function: kcl
  parameters:
    clusterNameSelector:
      matchLabels:
        crossplane.io/composite: configuration-aws-eks-pod-identity-kcl
    inlinePolicy:
      - name: default
        policy: |
          {
              "Version": "2012-10-17",
              "Statement": [
                  {
                      "Action": [
                          "kms:Decrypt",
                          "kms:DescribeKey"
                      ],
                      "Effect": "Allow",
                      "Resource": "*"
                  }
              ]
          }
    managedPolicyArns:
      - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
    region: us-west-2
    serviceAccount:
      name: my-controller
      namespace: kube-system

Marketplace

Discover the building blocks for your internal cloud platform.

Solutions

Learn

Company

More