clean up some of the up resources
michaeljguarino committed Dec 22, 2024
1 parent 47cdd52 commit d70155e
Showing 7 changed files with 58 additions and 90 deletions.
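--- a/setup/catalogs.yaml
+++ b/setup/catalogs.yaml
@@ -0,0 +1,18 @@
+apiVersion: deployments.plural.sh/v1alpha1
+kind: ServiceDeployment
+metadata:
+name: catalogs
+namespace: infra
+spec:
+namespace: catalogs
+git:
+folder: setup
+ref: main
+repositoryRef:
+kind: GitRepository
+namespace: infra
+name: scaffolds
+clusterRef:
+kind: Cluster
+name: mgmt
+namespace: infra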
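Review bot: `ref: main` makes this ServiceDeployment follow a moving branch, so, as I read the manifest, whatever is merged to `main` of the `scaffolds` repository under `setup` is synced through the `mgmt` cluster with no separate promotion step. The same applies to `git.ref: main` in setup/stacks/mgmt.yaml, although that stack at least sets `approval: true`. If branch tracking is intended, I would record the trust assumption with a comment above `git:` such as `# tracks main: branch protection on scaffolds is the only gate before sync`, or pin `ref` to a tag or commit SHA for the management cluster.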
28 changes: 0 additions & 28 deletions setup/pr-automation/gatekeeper-setup.yaml

This file was deleted.

34 changes: 0 additions & 34 deletions setup/pr-automation/prometheus/prom-agent-creator.yaml

This file was deleted.

28 changes: 0 additions & 28 deletions setup/pr-automation/prometheus/prom-creator.yaml

This file was deleted.

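--- a/setup/stacks/mgmt.yaml
+++ b/setup/stacks/mgmt.yaml
@@ -0,0 +1,20 @@
+apiVersion: deployments.plural.sh/v1alpha1
+kind: InfrastructureStack
+metadata:
+name: mgmt
+spec:
+name: mgmt
+detach: false
+type: TERRAFORM
+approval: true
+manageState: false
+actor: [email protected]
+repositoryRef:
+name: infra
+namespace: infra
+clusterRef:
+name: mgmt
+namespace: infra
+git:
+ref: main
+folder: terraform/mgmt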
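Review bot: `actor` binds this stack to a single user e-mail (the address is obfuscated on this page), so, as far as I understand the field, runs of the `mgmt` Terraform stack authenticate to Plural as that user and depend on that account staying active and suitably privileged. A dedicated service account would keep management-cluster changes off a personal identity; if a personal actor is deliberate, a comment such as `# actor: bootstrap owner, replace with a service account before handing over` would record it. `metadata` also has no `namespace`, unlike setup/catalogs.yaml, which sets `namespace: infra`; confirm the stack lands in the namespace you expect.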
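--- a/terraform/clouds/aws/eks.tf
+++ b/terraform/clouds/aws/eks.tf
@@ -1,3 +1,13 @@
+data "aws_caller_identity" "current" {}
+
+data "aws_iam_session_context" "current" {
+# This data source provides information on the IAM source role of an STS assumed role
+# For non-role ARNs, this data source simply passes the ARN through issuer ARN
+# Ref https://github.com/terraform-aws-modules/terraform-aws-eks/issues/2327#issuecomment-1355581682
+# Ref https://github.com/hashicorp/terraform-provider-aws/issues/28381
+arn = try(data.aws_caller_identity.current[0].arn, "")
+}
+
 module "eks" {
 source = "terraform-aws-modules/eks/aws"
 version = "~> 19.0"
@@ -13,6 +23,11 @@ module "eks" {
 
 create_kms_key = true
 
+kms_key_administrators = concat([
+module.assumable_role_stacks.iam_role_arn,
+try(data.aws_iam_session_context.current[0].issuer_arn, "")
+], var.additional_kms_administrators)
+
 # EKS Managed Node Group(s)
 eks_managed_node_group_defaults = merge(var.node_group_defaults,
 {ami_release_version = data.aws_ssm_parameter.eks_ami_release_version.value})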
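Review bot: Both new `[0]` indexes point at data sources declared without `count`: `data.aws_caller_identity.current[0].arn` in the first hunk and `data.aws_iam_session_context.current[0].issuer_arn` inside `kms_key_administrators`. Terraform either rejects an instance key on a resource that has no `count`/`for_each`, or the `try(..., "")` fallback hides the error and an empty string is passed as the session-context ARN and as a KMS key administrator, so the identity running the apply would not be added to the key policy and the policy may be rejected as malformed. I would drop the index and the fallback: `arn = data.aws_caller_identity.current.arn` and `data.aws_iam_session_context.current.issuer_arn`. The `module "eks"` block starts in the first hunk and continues past the second, so the rest of its arguments are not visible here.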
5 changes: 5 additions & 0 deletions terraform/clouds/aws/variables.tf
Expand Up @@ -106,4 +106,9 @@ variable "create_cloudwatch_log_group" {
variable "monitoring_role" {
type = string
default = ""
}

variable "additional_kms_administrators" {
type = list(string)
default = [ ]
}
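Review bot: `additional_kms_administrators` is declared without a `description` or any validation, yet terraform/clouds/aws/eks.tf in this commit concatenates it into `kms_key_administrators` for the key created by `create_kms_key = true`, so every entry gains administrative rights over that key. I would add `description = "Extra IAM principal ARNs granted administrator access to the EKS cluster KMS key"` and consider a `validation` block that rejects entries that are not IAM ARNs. The default `[ ]` would also read more conventionally as `[]`.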
