A ProviderConfig configures the AWS provider.
Type
CRD
Group
aws.upbound.io
Version
v1beta1
apiVersion: aws.upbound.io/v1beta1
kind: ProviderConfig
A ProviderConfigSpec defines the desired state of a ProviderConfig.
AssumeRoleChain defines the options for assuming an IAM role
Tags is list of session tags that you want to pass. Each session tag consists of a key name and an associated value. For more information about session tags, see Tagging STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html).
TransitiveTagKeys is a list of keys for session tags that you want to set as transitive. If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain. For more information, see Chaining Roles with Session Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining).
Credentials required to authenticate to this provider.
Env is a reference to an environment variable that contains credentials that must be used to connect to the provider.
Fs is a reference to a filesystem location that contains credentials that must be used to connect to the provider.
WebIdentity defines the options for assuming an IAM role with a Web Identity
Endpoint is where you can override the default endpoint configuration of AWS calls made by the provider.
A ProviderConfigStatus reflects the observed state of a ProviderConfig.
Conditions of the resource.
web-identity-with-role-chain
apiVersion: aws.upbound.io/v1beta1
kind: ProviderConfig
metadata:
name: web-identity-with-role-chain
spec:
assumeRoleChain:
- roleARN: <roleARN-1>
- roleARN: <roleARN-2>
credentials:
source: WebIdentity
webIdentity:
roleARN: <roleARN-for-web-identity>
default
apiVersion: aws.upbound.io/v1beta1
kind: ProviderConfig
metadata:
name: default
spec:
credentials:
secretRef:
key: creds
name: provider-creds
namespace: upbound-system
source: Secret
irsa-with-role-chaining
apiVersion: aws.upbound.io/v1beta1
kind: ProviderConfig
metadata:
name: irsa-with-role-chaining
spec:
assumeRoleChain:
- roleARN: <roleARN-1>
- roleARN: <roleARN-2>
credentials:
source: IRSA
default
apiVersion: aws.upbound.io/v1beta1
kind: ProviderConfig
metadata:
name: default
spec:
credentials:
secretRef:
key: credentials
name: example-aws-creds
namespace: crossplane-system
source: Secret
irsa
apiVersion: aws.upbound.io/v1beta1
kind: ProviderConfig
metadata:
name: irsa
spec:
credentials:
source: IRSA
© 2022 Upbound, Inc.
Discover the building blocksfor your internal cloud platform.