A ProviderConfig configures how AWS controllers will connect to AWS API.
Type
CRD
Group
aws.crossplane.io
Version
v1beta1
apiVersion: aws.crossplane.io/v1beta1
kind: ProviderConfig
A ProviderConfigSpec defines the desired state of a ProviderConfig.
AssumeRole defines the options for assuming an IAM role
Tags is list of session tags that you want to pass. Each session tag consists of a key name and an associated value. For more information about session tags, see Tagging STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html).
TransitiveTagKeys is a list of keys for session tags that you want to set as transitive. If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain. For more information, see Chaining Roles with Session Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining).
AssumeRoleWithWebIdentity defines the options for assuming an IAM role with a Web Identity
Credentials required to authenticate to this provider.
Env is a reference to an environment variable that contains credentials that must be used to connect to the provider.
Fs is a reference to a filesystem location that contains credentials that must be used to connect to the provider.
Endpoint is where you can override the default endpoint configuration of AWS calls made by the provider.
A ProviderConfigStatus represents the status of a ProviderConfig.
Conditions of the resource.
example
apiVersion: aws.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
name: example
spec:
credentials:
secretRef:
key: credentials
name: example-creds
namespace: crossplane-system
source: Secret
endpoint:
url:
dynamic:
host: amazonaws.com
protocol: https
type: Dynamic
aws-provider-injected-account-b
apiVersion: aws.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
name: aws-provider-injected-account-b
spec:
assumeRole:
externalID: my-optional-id
roleARN: arn:aws:iam::999999999999:role/account_b
tags:
- key: Project
value: Crossplane
- key: Department
value: Infrastructure
transitiveTagKeys:
- Project
- Department
credentials:
source: InjectedIdentity
example
apiVersion: aws.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
name: example
spec:
credentials:
source: None
example
apiVersion: aws.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
name: example
spec:
credentials:
secretRef:
key: credentials
name: localstack-creds
namespace: crossplane-system
source: Secret
endpoint:
hostnameImmutable: true
url:
static: http://localstack:4566
type: Static
example
apiVersion: aws.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
name: example
spec:
credentials:
env:
name: MY_AWS_CREDS
source: Environment
aws-provider-account-b
apiVersion: aws.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
name: aws-provider-account-b
spec:
assumeRole:
externalID: my-optional-id
roleARN: arn:aws:iam::999999999999:role/account_b
tags:
- key: Project
value: Crossplane
- key: Department
value: Infrastructure
transitiveTagKeys:
- Project
- Department
credentials:
secretRef:
key: creds
name: aws-creds
namespace: crossplane-system
source: Secret
example
apiVersion: aws.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
name: example
spec:
credentials:
secretRef:
key: credentials
name: example-creds
namespace: crossplane-system
source: Secret