kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #11149 from rifelpet/tf-tags 

Add tags to instance profile and OIDC provider terraform resources
This commit is contained in:
Kubernetes Prow Robot 2021-03-26 12:46:44 -07:00 committed by GitHub
parent 232aa5f521 80ceb4200d
commit ffc8a851bf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
36 changed files with 413 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
tests/integration/update_cluster/bastionadditional_user-data/kubernetes.tf
View File

@ -366,16 +366,31 @@ resource "aws_elb" "bastion-bastionuserdata-example-com" {
resource "aws_iam_instance_profile" "bastions-bastionuserdata-example-com" {
name = "bastions.bastionuserdata.example.com"
role = aws_iam_role.bastions-bastionuserdata-example-com.name
tags = {
"KubernetesCluster" = "bastionuserdata.example.com"
"Name" = "bastions.bastionuserdata.example.com"
"kubernetes.io/cluster/bastionuserdata.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-bastionuserdata-example-com" {
name = "masters.bastionuserdata.example.com"
role = aws_iam_role.masters-bastionuserdata-example-com.name
tags = {
"KubernetesCluster" = "bastionuserdata.example.com"
"Name" = "masters.bastionuserdata.example.com"
"kubernetes.io/cluster/bastionuserdata.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-bastionuserdata-example-com" {
name = "nodes.bastionuserdata.example.com"
role = aws_iam_role.nodes-bastionuserdata-example-com.name
tags = {
"KubernetesCluster" = "bastionuserdata.example.com"
"Name" = "nodes.bastionuserdata.example.com"
"kubernetes.io/cluster/bastionuserdata.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-bastionuserdata-example-com" {
@ -1008,7 +1023,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

16
tests/integration/update_cluster/complex/kubernetes.tf
View File

@ -269,11 +269,25 @@ resource "aws_ebs_volume" "a-etcd-main-complex-example-com" {
resource "aws_iam_instance_profile" "masters-complex-example-com" {
name = "masters.complex.example.com"
role = aws_iam_role.masters-complex-example-com.name
tags = {
"KubernetesCluster" = "complex.example.com"
"Name" = "masters.complex.example.com"
"Owner" = "John Doe"
"foo/bar" = "fib+baz"
"kubernetes.io/cluster/complex.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-complex-example-com" {
name = "nodes.complex.example.com"
role = aws_iam_role.nodes-complex-example-com.name
tags = {
"KubernetesCluster" = "complex.example.com"
"Name" = "nodes.complex.example.com"
"Owner" = "John Doe"
"foo/bar" = "fib+baz"
"kubernetes.io/cluster/complex.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "masters-complex-example-com" {
@ -1004,7 +1018,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

12
tests/integration/update_cluster/compress/kubernetes.tf
View File

@ -226,11 +226,21 @@ resource "aws_ebs_volume" "us-test-1a-etcd-main-compress-example-com" {
resource "aws_iam_instance_profile" "masters-compress-example-com" {
name = "masters.compress.example.com"
role = aws_iam_role.masters-compress-example-com.name
tags = {
"KubernetesCluster" = "compress.example.com"
"Name" = "masters.compress.example.com"
"kubernetes.io/cluster/compress.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-compress-example-com" {
name = "nodes.compress.example.com"
role = aws_iam_role.nodes-compress-example-com.name
tags = {
"KubernetesCluster" = "compress.example.com"
"Name" = "nodes.compress.example.com"
"kubernetes.io/cluster/compress.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "masters-compress-example-com" {
@ -616,7 +626,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

2
tests/integration/update_cluster/existing_iam/kubernetes.tf
View File

@ -964,7 +964,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

12
tests/integration/update_cluster/existing_sg/kubernetes.tf
View File

@ -455,11 +455,21 @@ resource "aws_elb" "api-existingsg-example-com" {
resource "aws_iam_instance_profile" "masters-existingsg-example-com" {
name = "masters.existingsg.example.com"
role = aws_iam_role.masters-existingsg-example-com.name
tags = {
"KubernetesCluster" = "existingsg.example.com"
"Name" = "masters.existingsg.example.com"
"kubernetes.io/cluster/existingsg.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-existingsg-example-com" {
name = "nodes.existingsg.example.com"
role = aws_iam_role.nodes-existingsg-example-com.name
tags = {
"KubernetesCluster" = "existingsg.example.com"
"Name" = "nodes.existingsg.example.com"
"kubernetes.io/cluster/existingsg.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "masters-existingsg-example-com" {
@ -1298,7 +1308,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

12
tests/integration/update_cluster/externallb/kubernetes.tf
View File

@ -230,11 +230,21 @@ resource "aws_ebs_volume" "us-test-1a-etcd-main-externallb-example-com" {
resource "aws_iam_instance_profile" "masters-externallb-example-com" {
name = "masters.externallb.example.com"
role = aws_iam_role.masters-externallb-example-com.name
tags = {
"KubernetesCluster" = "externallb.example.com"
"Name" = "masters.externallb.example.com"
"kubernetes.io/cluster/externallb.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-externallb-example-com" {
name = "nodes.externallb.example.com"
role = aws_iam_role.nodes-externallb-example-com.name
tags = {
"KubernetesCluster" = "externallb.example.com"
"Name" = "nodes.externallb.example.com"
"kubernetes.io/cluster/externallb.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "masters-externallb-example-com" {
@ -632,7 +642,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

16
tests/integration/update_cluster/externalpolicies/kubernetes.tf
View File

@ -280,11 +280,25 @@ resource "aws_elb" "api-externalpolicies-example-com" {
resource "aws_iam_instance_profile" "masters-externalpolicies-example-com" {
name = "masters.externalpolicies.example.com"
role = aws_iam_role.masters-externalpolicies-example-com.name
tags = {
"KubernetesCluster" = "externalpolicies.example.com"
"Name" = "masters.externalpolicies.example.com"
"Owner" = "John Doe"
"foo/bar" = "fib+baz"
"kubernetes.io/cluster/externalpolicies.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-externalpolicies-example-com" {
name = "nodes.externalpolicies.example.com"
role = aws_iam_role.nodes-externalpolicies-example-com.name
tags = {
"KubernetesCluster" = "externalpolicies.example.com"
"Name" = "nodes.externalpolicies.example.com"
"Owner" = "John Doe"
"foo/bar" = "fib+baz"
"kubernetes.io/cluster/externalpolicies.example.com" = "owned"
}
}
resource "aws_iam_role_policy_attachment" "master-policyoverride-1242070525" {
@ -814,7 +828,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

12
tests/integration/update_cluster/ha/kubernetes.tf
View File

@ -426,11 +426,21 @@ resource "aws_ebs_volume" "c-etcd-main-ha-example-com" {
resource "aws_iam_instance_profile" "masters-ha-example-com" {
name = "masters.ha.example.com"
role = aws_iam_role.masters-ha-example-com.name
tags = {
"KubernetesCluster" = "ha.example.com"
"Name" = "masters.ha.example.com"
"kubernetes.io/cluster/ha.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-ha-example-com" {
name = "nodes.ha.example.com"
role = aws_iam_role.nodes-ha-example-com.name
tags = {
"KubernetesCluster" = "ha.example.com"
"Name" = "nodes.ha.example.com"
"kubernetes.io/cluster/ha.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "masters-ha-example-com" {
@ -1026,7 +1036,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

2
tests/integration/update_cluster/lifecycle_phases/network-kubernetes.tf
View File

@ -172,7 +172,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

12
tests/integration/update_cluster/minimal-gp3/kubernetes.tf
View File

@ -226,11 +226,21 @@ resource "aws_ebs_volume" "us-test-1a-etcd-main-minimal-example-com" {
resource "aws_iam_instance_profile" "masters-minimal-example-com" {
name = "masters.minimal.example.com"
role = aws_iam_role.masters-minimal-example-com.name
tags = {
"KubernetesCluster" = "minimal.example.com"
"Name" = "masters.minimal.example.com"
"kubernetes.io/cluster/minimal.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-minimal-example-com" {
name = "nodes.minimal.example.com"
role = aws_iam_role.nodes-minimal-example-com.name
tags = {
"KubernetesCluster" = "minimal.example.com"
"Name" = "nodes.minimal.example.com"
"kubernetes.io/cluster/minimal.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "masters-minimal-example-com" {
@ -624,7 +634,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

14
tests/integration/update_cluster/minimal-json/kubernetes.tf.json
View File

@ -261,11 +261,21 @@
"aws_iam_instance_profile": {
"masters-minimal-json-example-com": {
"name": "masters.minimal-json.example.com",
"role": "${aws_iam_role.masters-minimal-json-example-com.name}"
"role": "${aws_iam_role.masters-minimal-json-example-com.name}",
"tags": {
"KubernetesCluster": "minimal-json.example.com",
"Name": "masters.minimal-json.example.com",
"kubernetes.io/cluster/minimal-json.example.com": "owned"
}
},
"nodes-minimal-json-example-com": {
"name": "nodes.minimal-json.example.com",
"role": "${aws_iam_role.nodes-minimal-json-example-com.name}"
"role": "${aws_iam_role.nodes-minimal-json-example-com.name}",
"tags": {
"KubernetesCluster": "minimal-json.example.com",
"Name": "nodes.minimal-json.example.com",
"kubernetes.io/cluster/minimal-json.example.com": "owned"
}
}
},
"aws_iam_role": {

12
tests/integration/update_cluster/minimal/kubernetes.tf
View File

@ -226,11 +226,21 @@ resource "aws_ebs_volume" "us-test-1a-etcd-main-minimal-example-com" {
resource "aws_iam_instance_profile" "masters-minimal-example-com" {
name = "masters.minimal.example.com"
role = aws_iam_role.masters-minimal-example-com.name
tags = {
"KubernetesCluster" = "minimal.example.com"
"Name" = "masters.minimal.example.com"
"kubernetes.io/cluster/minimal.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-minimal-example-com" {
name = "nodes.minimal.example.com"
role = aws_iam_role.nodes-minimal-example-com.name
tags = {
"KubernetesCluster" = "minimal.example.com"
"Name" = "nodes.minimal.example.com"
"kubernetes.io/cluster/minimal.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "masters-minimal-example-com" {
@ -628,7 +638,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

12
tests/integration/update_cluster/mixed_instances/kubernetes.tf
View File

@ -444,11 +444,21 @@ resource "aws_ebs_volume" "us-test-1c-etcd-main-mixedinstances-example-com" {
resource "aws_iam_instance_profile" "masters-mixedinstances-example-com" {
name = "masters.mixedinstances.example.com"
role = aws_iam_role.masters-mixedinstances-example-com.name
tags = {
"KubernetesCluster" = "mixedinstances.example.com"
"Name" = "masters.mixedinstances.example.com"
"kubernetes.io/cluster/mixedinstances.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-mixedinstances-example-com" {
name = "nodes.mixedinstances.example.com"
role = aws_iam_role.nodes-mixedinstances-example-com.name
tags = {
"KubernetesCluster" = "mixedinstances.example.com"
"Name" = "nodes.mixedinstances.example.com"
"kubernetes.io/cluster/mixedinstances.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "masters-mixedinstances-example-com" {
@ -1044,7 +1054,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

12
tests/integration/update_cluster/mixed_instances_spot/kubernetes.tf
View File

@ -444,11 +444,21 @@ resource "aws_ebs_volume" "us-test-1c-etcd-main-mixedinstances-example-com" {
resource "aws_iam_instance_profile" "masters-mixedinstances-example-com" {
name = "masters.mixedinstances.example.com"
role = aws_iam_role.masters-mixedinstances-example-com.name
tags = {
"KubernetesCluster" = "mixedinstances.example.com"
"Name" = "masters.mixedinstances.example.com"
"kubernetes.io/cluster/mixedinstances.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-mixedinstances-example-com" {
name = "nodes.mixedinstances.example.com"
role = aws_iam_role.nodes-mixedinstances-example-com.name
tags = {
"KubernetesCluster" = "mixedinstances.example.com"
"Name" = "nodes.mixedinstances.example.com"
"kubernetes.io/cluster/mixedinstances.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "masters-mixedinstances-example-com" {
@ -1044,7 +1054,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

17
tests/integration/update_cluster/private-shared-ip/kubernetes.tf
View File

@ -352,16 +352,31 @@ resource "aws_elb" "bastion-private-shared-ip-example-com" {
resource "aws_iam_instance_profile" "bastions-private-shared-ip-example-com" {
name = "bastions.private-shared-ip.example.com"
role = aws_iam_role.bastions-private-shared-ip-example-com.name
tags = {
"KubernetesCluster" = "private-shared-ip.example.com"
"Name" = "bastions.private-shared-ip.example.com"
"kubernetes.io/cluster/private-shared-ip.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-private-shared-ip-example-com" {
name = "masters.private-shared-ip.example.com"
role = aws_iam_role.masters-private-shared-ip-example-com.name
tags = {
"KubernetesCluster" = "private-shared-ip.example.com"
"Name" = "masters.private-shared-ip.example.com"
"kubernetes.io/cluster/private-shared-ip.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-private-shared-ip-example-com" {
name = "nodes.private-shared-ip.example.com"
role = aws_iam_role.nodes-private-shared-ip-example-com.name
tags = {
"KubernetesCluster" = "private-shared-ip.example.com"
"Name" = "nodes.private-shared-ip.example.com"
"kubernetes.io/cluster/private-shared-ip.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-private-shared-ip-example-com" {
@ -958,7 +973,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

17
tests/integration/update_cluster/private-shared-subnet/kubernetes.tf
View File

@ -347,16 +347,31 @@ resource "aws_elb" "bastion-private-shared-subnet-example-com" {
resource "aws_iam_instance_profile" "bastions-private-shared-subnet-example-com" {
name = "bastions.private-shared-subnet.example.com"
role = aws_iam_role.bastions-private-shared-subnet-example-com.name
tags = {
"KubernetesCluster" = "private-shared-subnet.example.com"
"Name" = "bastions.private-shared-subnet.example.com"
"kubernetes.io/cluster/private-shared-subnet.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-private-shared-subnet-example-com" {
name = "masters.private-shared-subnet.example.com"
role = aws_iam_role.masters-private-shared-subnet-example-com.name
tags = {
"KubernetesCluster" = "private-shared-subnet.example.com"
"Name" = "masters.private-shared-subnet.example.com"
"kubernetes.io/cluster/private-shared-subnet.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-private-shared-subnet-example-com" {
name = "nodes.private-shared-subnet.example.com"
role = aws_iam_role.nodes-private-shared-subnet-example-com.name
tags = {
"KubernetesCluster" = "private-shared-subnet.example.com"
"Name" = "nodes.private-shared-subnet.example.com"
"kubernetes.io/cluster/private-shared-subnet.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-private-shared-subnet-example-com" {
@ -875,7 +890,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

17
tests/integration/update_cluster/privatecalico/kubernetes.tf
View File

@ -366,16 +366,31 @@ resource "aws_elb" "bastion-privatecalico-example-com" {
resource "aws_iam_instance_profile" "bastions-privatecalico-example-com" {
name = "bastions.privatecalico.example.com"
role = aws_iam_role.bastions-privatecalico-example-com.name
tags = {
"KubernetesCluster" = "privatecalico.example.com"
"Name" = "bastions.privatecalico.example.com"
"kubernetes.io/cluster/privatecalico.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-privatecalico-example-com" {
name = "masters.privatecalico.example.com"
role = aws_iam_role.masters-privatecalico-example-com.name
tags = {
"KubernetesCluster" = "privatecalico.example.com"
"Name" = "masters.privatecalico.example.com"
"kubernetes.io/cluster/privatecalico.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-privatecalico-example-com" {
name = "nodes.privatecalico.example.com"
role = aws_iam_role.nodes-privatecalico-example-com.name
tags = {
"KubernetesCluster" = "privatecalico.example.com"
"Name" = "nodes.privatecalico.example.com"
"kubernetes.io/cluster/privatecalico.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-privatecalico-example-com" {
@ -1016,7 +1031,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

17
tests/integration/update_cluster/privatecanal/kubernetes.tf
View File

@ -366,16 +366,31 @@ resource "aws_elb" "bastion-privatecanal-example-com" {
resource "aws_iam_instance_profile" "bastions-privatecanal-example-com" {
name = "bastions.privatecanal.example.com"
role = aws_iam_role.bastions-privatecanal-example-com.name
tags = {
"KubernetesCluster" = "privatecanal.example.com"
"Name" = "bastions.privatecanal.example.com"
"kubernetes.io/cluster/privatecanal.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-privatecanal-example-com" {
name = "masters.privatecanal.example.com"
role = aws_iam_role.masters-privatecanal-example-com.name
tags = {
"KubernetesCluster" = "privatecanal.example.com"
"Name" = "masters.privatecanal.example.com"
"kubernetes.io/cluster/privatecanal.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-privatecanal-example-com" {
name = "nodes.privatecanal.example.com"
role = aws_iam_role.nodes-privatecanal-example-com.name
tags = {
"KubernetesCluster" = "privatecanal.example.com"
"Name" = "nodes.privatecanal.example.com"
"kubernetes.io/cluster/privatecanal.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-privatecanal-example-com" {
@ -1007,7 +1022,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

17
tests/integration/update_cluster/privatecilium/kubernetes.tf
View File

@ -366,16 +366,31 @@ resource "aws_elb" "bastion-privatecilium-example-com" {
resource "aws_iam_instance_profile" "bastions-privatecilium-example-com" {
name = "bastions.privatecilium.example.com"
role = aws_iam_role.bastions-privatecilium-example-com.name
tags = {
"KubernetesCluster" = "privatecilium.example.com"
"Name" = "bastions.privatecilium.example.com"
"kubernetes.io/cluster/privatecilium.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-privatecilium-example-com" {
name = "masters.privatecilium.example.com"
role = aws_iam_role.masters-privatecilium-example-com.name
tags = {
"KubernetesCluster" = "privatecilium.example.com"
"Name" = "masters.privatecilium.example.com"
"kubernetes.io/cluster/privatecilium.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-privatecilium-example-com" {
name = "nodes.privatecilium.example.com"
role = aws_iam_role.nodes-privatecilium-example-com.name
tags = {
"KubernetesCluster" = "privatecilium.example.com"
"Name" = "nodes.privatecilium.example.com"
"kubernetes.io/cluster/privatecilium.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-privatecilium-example-com" {
@ -1007,7 +1022,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

17
tests/integration/update_cluster/privatecilium2/kubernetes.tf
View File

@ -366,16 +366,31 @@ resource "aws_elb" "bastion-privatecilium-example-com" {
resource "aws_iam_instance_profile" "bastions-privatecilium-example-com" {
name = "bastions.privatecilium.example.com"
role = aws_iam_role.bastions-privatecilium-example-com.name
tags = {
"KubernetesCluster" = "privatecilium.example.com"
"Name" = "bastions.privatecilium.example.com"
"kubernetes.io/cluster/privatecilium.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-privatecilium-example-com" {
name = "masters.privatecilium.example.com"
role = aws_iam_role.masters-privatecilium-example-com.name
tags = {
"KubernetesCluster" = "privatecilium.example.com"
"Name" = "masters.privatecilium.example.com"
"kubernetes.io/cluster/privatecilium.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-privatecilium-example-com" {
name = "nodes.privatecilium.example.com"
role = aws_iam_role.nodes-privatecilium-example-com.name
tags = {
"KubernetesCluster" = "privatecilium.example.com"
"Name" = "nodes.privatecilium.example.com"
"kubernetes.io/cluster/privatecilium.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-privatecilium-example-com" {
@ -1007,7 +1022,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

17
tests/integration/update_cluster/privateciliumadvanced/kubernetes.tf
View File

@ -382,16 +382,31 @@ resource "aws_elb" "bastion-privateciliumadvanced-example-com" {
resource "aws_iam_instance_profile" "bastions-privateciliumadvanced-example-com" {
name = "bastions.privateciliumadvanced.example.com"
role = aws_iam_role.bastions-privateciliumadvanced-example-com.name
tags = {
"KubernetesCluster" = "privateciliumadvanced.example.com"
"Name" = "bastions.privateciliumadvanced.example.com"
"kubernetes.io/cluster/privateciliumadvanced.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-privateciliumadvanced-example-com" {
name = "masters.privateciliumadvanced.example.com"
role = aws_iam_role.masters-privateciliumadvanced-example-com.name
tags = {
"KubernetesCluster" = "privateciliumadvanced.example.com"
"Name" = "masters.privateciliumadvanced.example.com"
"kubernetes.io/cluster/privateciliumadvanced.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-privateciliumadvanced-example-com" {
name = "nodes.privateciliumadvanced.example.com"
role = aws_iam_role.nodes-privateciliumadvanced-example-com.name
tags = {
"KubernetesCluster" = "privateciliumadvanced.example.com"
"Name" = "nodes.privateciliumadvanced.example.com"
"kubernetes.io/cluster/privateciliumadvanced.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-privateciliumadvanced-example-com" {
@ -1023,7 +1038,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

23
tests/integration/update_cluster/privatedns1/kubernetes.tf
View File

@ -406,16 +406,37 @@ resource "aws_elb" "bastion-privatedns1-example-com" {
resource "aws_iam_instance_profile" "bastions-privatedns1-example-com" {
name = "bastions.privatedns1.example.com"
role = aws_iam_role.bastions-privatedns1-example-com.name
tags = {
"KubernetesCluster" = "privatedns1.example.com"
"Name" = "bastions.privatedns1.example.com"
"Owner" = "John Doe"
"foo/bar" = "fib+baz"
"kubernetes.io/cluster/privatedns1.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-privatedns1-example-com" {
name = "masters.privatedns1.example.com"
role = aws_iam_role.masters-privatedns1-example-com.name
tags = {
"KubernetesCluster" = "privatedns1.example.com"
"Name" = "masters.privatedns1.example.com"
"Owner" = "John Doe"
"foo/bar" = "fib+baz"
"kubernetes.io/cluster/privatedns1.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-privatedns1-example-com" {
name = "nodes.privatedns1.example.com"
role = aws_iam_role.nodes-privatedns1-example-com.name
tags = {
"KubernetesCluster" = "privatedns1.example.com"
"Name" = "nodes.privatedns1.example.com"
"Owner" = "John Doe"
"foo/bar" = "fib+baz"
"kubernetes.io/cluster/privatedns1.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-privatedns1-example-com" {
@ -1104,7 +1125,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

17
tests/integration/update_cluster/privatedns2/kubernetes.tf
View File

@ -361,16 +361,31 @@ resource "aws_elb" "bastion-privatedns2-example-com" {
resource "aws_iam_instance_profile" "bastions-privatedns2-example-com" {
name = "bastions.privatedns2.example.com"
role = aws_iam_role.bastions-privatedns2-example-com.name
tags = {
"KubernetesCluster" = "privatedns2.example.com"
"Name" = "bastions.privatedns2.example.com"
"kubernetes.io/cluster/privatedns2.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-privatedns2-example-com" {
name = "masters.privatedns2.example.com"
role = aws_iam_role.masters-privatedns2-example-com.name
tags = {
"KubernetesCluster" = "privatedns2.example.com"
"Name" = "masters.privatedns2.example.com"
"kubernetes.io/cluster/privatedns2.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-privatedns2-example-com" {
name = "nodes.privatedns2.example.com"
role = aws_iam_role.nodes-privatedns2-example-com.name
tags = {
"KubernetesCluster" = "privatedns2.example.com"
"Name" = "nodes.privatedns2.example.com"
"kubernetes.io/cluster/privatedns2.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-privatedns2-example-com" {
@ -967,7 +982,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

17
tests/integration/update_cluster/privateflannel/kubernetes.tf
View File

@ -366,16 +366,31 @@ resource "aws_elb" "bastion-privateflannel-example-com" {
resource "aws_iam_instance_profile" "bastions-privateflannel-example-com" {
name = "bastions.privateflannel.example.com"
role = aws_iam_role.bastions-privateflannel-example-com.name
tags = {
"KubernetesCluster" = "privateflannel.example.com"
"Name" = "bastions.privateflannel.example.com"
"kubernetes.io/cluster/privateflannel.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-privateflannel-example-com" {
name = "masters.privateflannel.example.com"
role = aws_iam_role.masters-privateflannel-example-com.name
tags = {
"KubernetesCluster" = "privateflannel.example.com"
"Name" = "masters.privateflannel.example.com"
"kubernetes.io/cluster/privateflannel.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-privateflannel-example-com" {
name = "nodes.privateflannel.example.com"
role = aws_iam_role.nodes-privateflannel-example-com.name
tags = {
"KubernetesCluster" = "privateflannel.example.com"
"Name" = "nodes.privateflannel.example.com"
"kubernetes.io/cluster/privateflannel.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-privateflannel-example-com" {
@ -1007,7 +1022,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

17
tests/integration/update_cluster/privatekopeio/kubernetes.tf
View File

@ -372,16 +372,31 @@ resource "aws_elb" "bastion-privatekopeio-example-com" {
resource "aws_iam_instance_profile" "bastions-privatekopeio-example-com" {
name = "bastions.privatekopeio.example.com"
role = aws_iam_role.bastions-privatekopeio-example-com.name
tags = {
"KubernetesCluster" = "privatekopeio.example.com"
"Name" = "bastions.privatekopeio.example.com"
"kubernetes.io/cluster/privatekopeio.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-privatekopeio-example-com" {
name = "masters.privatekopeio.example.com"
role = aws_iam_role.masters-privatekopeio-example-com.name
tags = {
"KubernetesCluster" = "privatekopeio.example.com"
"Name" = "masters.privatekopeio.example.com"
"kubernetes.io/cluster/privatekopeio.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-privatekopeio-example-com" {
name = "nodes.privatekopeio.example.com"
role = aws_iam_role.nodes-privatekopeio-example-com.name
tags = {
"KubernetesCluster" = "privatekopeio.example.com"
"Name" = "nodes.privatekopeio.example.com"
"kubernetes.io/cluster/privatekopeio.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-privatekopeio-example-com" {
@ -1055,7 +1070,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

17
tests/integration/update_cluster/privateweave/kubernetes.tf
View File

@ -366,16 +366,31 @@ resource "aws_elb" "bastion-privateweave-example-com" {
resource "aws_iam_instance_profile" "bastions-privateweave-example-com" {
name = "bastions.privateweave.example.com"
role = aws_iam_role.bastions-privateweave-example-com.name
tags = {
"KubernetesCluster" = "privateweave.example.com"
"Name" = "bastions.privateweave.example.com"
"kubernetes.io/cluster/privateweave.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-privateweave-example-com" {
name = "masters.privateweave.example.com"
role = aws_iam_role.masters-privateweave-example-com.name
tags = {
"KubernetesCluster" = "privateweave.example.com"
"Name" = "masters.privateweave.example.com"
"kubernetes.io/cluster/privateweave.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-privateweave-example-com" {
name = "nodes.privateweave.example.com"
role = aws_iam_role.nodes-privateweave-example-com.name
tags = {
"KubernetesCluster" = "privateweave.example.com"
"Name" = "nodes.privateweave.example.com"
"kubernetes.io/cluster/privateweave.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-privateweave-example-com" {
@ -1007,7 +1022,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

17
tests/integration/update_cluster/public-jwks/kubernetes.tf
View File

@ -236,15 +236,30 @@ resource "aws_ebs_volume" "us-test-1a-etcd-main-minimal-example-com" {
resource "aws_iam_instance_profile" "masters-minimal-example-com" {
name = "masters.minimal.example.com"
role = aws_iam_role.masters-minimal-example-com.name
tags = {
"KubernetesCluster" = "minimal.example.com"
"Name" = "masters.minimal.example.com"
"kubernetes.io/cluster/minimal.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-minimal-example-com" {
name = "nodes.minimal.example.com"
role = aws_iam_role.nodes-minimal-example-com.name
tags = {
"KubernetesCluster" = "minimal.example.com"
"Name" = "nodes.minimal.example.com"
"kubernetes.io/cluster/minimal.example.com" = "owned"
}
}
resource "aws_iam_openid_connect_provider" "minimal-example-com" {
client_id_list = ["amazonaws.com"]
tags = {
"KubernetesCluster" = "minimal.example.com"
"Name" = "minimal.example.com"
"kubernetes.io/cluster/minimal.example.com" = "owned"
}
thumbprint_list = ["9e99a48a9960b14926bb7f3b02e22da2b0ab7280", "a9d53002e97e00e043244f3d170d6f4c414104fd"]
url = "https://discovery.example.com/minimal.example.com/oidc"
}
@ -660,7 +675,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

12
tests/integration/update_cluster/shared_subnet/kubernetes.tf
View File

@ -221,11 +221,21 @@ resource "aws_ebs_volume" "us-test-1a-etcd-main-sharedsubnet-example-com" {
resource "aws_iam_instance_profile" "masters-sharedsubnet-example-com" {
name = "masters.sharedsubnet.example.com"
role = aws_iam_role.masters-sharedsubnet-example-com.name
tags = {
"KubernetesCluster" = "sharedsubnet.example.com"
"Name" = "masters.sharedsubnet.example.com"
"kubernetes.io/cluster/sharedsubnet.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-sharedsubnet-example-com" {
name = "nodes.sharedsubnet.example.com"
role = aws_iam_role.nodes-sharedsubnet-example-com.name
tags = {
"KubernetesCluster" = "sharedsubnet.example.com"
"Name" = "nodes.sharedsubnet.example.com"
"kubernetes.io/cluster/sharedsubnet.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "masters-sharedsubnet-example-com" {
@ -554,7 +564,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

12
tests/integration/update_cluster/shared_vpc/kubernetes.tf
View File

@ -221,11 +221,21 @@ resource "aws_ebs_volume" "us-test-1a-etcd-main-sharedvpc-example-com" {
resource "aws_iam_instance_profile" "masters-sharedvpc-example-com" {
name = "masters.sharedvpc.example.com"
role = aws_iam_role.masters-sharedvpc-example-com.name
tags = {
"KubernetesCluster" = "sharedvpc.example.com"
"Name" = "masters.sharedvpc.example.com"
"kubernetes.io/cluster/sharedvpc.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-sharedvpc-example-com" {
name = "nodes.sharedvpc.example.com"
role = aws_iam_role.nodes-sharedvpc-example-com.name
tags = {
"KubernetesCluster" = "sharedvpc.example.com"
"Name" = "nodes.sharedvpc.example.com"
"kubernetes.io/cluster/sharedvpc.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "masters-sharedvpc-example-com" {
@ -588,7 +598,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

17
tests/integration/update_cluster/unmanaged/kubernetes.tf
View File

@ -352,16 +352,31 @@ resource "aws_elb" "bastion-unmanaged-example-com" {
resource "aws_iam_instance_profile" "bastions-unmanaged-example-com" {
name = "bastions.unmanaged.example.com"
role = aws_iam_role.bastions-unmanaged-example-com.name
tags = {
"KubernetesCluster" = "unmanaged.example.com"
"Name" = "bastions.unmanaged.example.com"
"kubernetes.io/cluster/unmanaged.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "masters-unmanaged-example-com" {
name = "masters.unmanaged.example.com"
role = aws_iam_role.masters-unmanaged-example-com.name
tags = {
"KubernetesCluster" = "unmanaged.example.com"
"Name" = "masters.unmanaged.example.com"
"kubernetes.io/cluster/unmanaged.example.com" = "owned"
}
}
resource "aws_iam_instance_profile" "nodes-unmanaged-example-com" {
name = "nodes.unmanaged.example.com"
role = aws_iam_role.nodes-unmanaged-example-com.name
tags = {
"KubernetesCluster" = "unmanaged.example.com"
"Name" = "nodes.unmanaged.example.com"
"kubernetes.io/cluster/unmanaged.example.com" = "owned"
}
}
resource "aws_iam_role_policy" "bastions-unmanaged-example-com" {
@ -932,7 +947,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

4
upup/pkg/fi/cloudup/awstasks/autoscalinggroup_test.go
View File

@ -250,7 +250,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}
@ -324,7 +324,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

8
upup/pkg/fi/cloudup/awstasks/iaminstanceprofilerole.go
View File

@ -106,21 +106,20 @@ func (_ *IAMInstanceProfileRole) RenderAWS(t *awsup.AWSAPITarget, a, e, changes
return fmt.Errorf("error creating IAMInstanceProfileRole: %v", err)
}
}
// TODO: Should we use path as our tag?
return nil // No tags in IAM
return nil
}
type terraformIAMInstanceProfile struct {
Name *string `json:"name" cty:"name"`
Role *terraform.Literal `json:"role" cty:"role"`
// TODO(rifelpet): add tags field when terraform supports it
Tags map[string]string `json:"tags,omitempty" cty:"tags"`
}
func (_ *IAMInstanceProfileRole) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *IAMInstanceProfileRole) error {
tf := &terraformIAMInstanceProfile{
Name: e.InstanceProfile.Name,
Role: e.Role.TerraformLink(),
Tags: e.InstanceProfile.Tags,
}
return t.RenderResource("aws_iam_instance_profile", *e.InstanceProfile.Name, tf)
@ -129,6 +128,7 @@ func (_ *IAMInstanceProfileRole) RenderTerraform(t *terraform.TerraformTarget, a
type cloudformationIAMInstanceProfile struct {
InstanceProfileName *string `json:"InstanceProfileName"`
Roles []*cloudformation.Literal `json:"Roles"`
// TODO: Add tags when Cloudformation supports them
}
func (_ *IAMInstanceProfileRole) RenderCloudformation(t *cloudformation.CloudformationTarget, a, e, changes *IAMInstanceProfileRole) error {

2
upup/pkg/fi/cloudup/awstasks/iamoidcprovider.go
View File

@ -187,6 +187,7 @@ type terraformIAMOIDCProvider struct {
ThumbprintList []*string `json:"thumbprint_list" cty:"thumbprint_list"`
AssumeRolePolicy *terraform.Literal `json:"assume_role_policy" cty:"assume_role_policy"`
Tags map[string]string `json:"tags,omitempty" cty:"tags"`
}
func (p *IAMOIDCProvider) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *IAMOIDCProvider) error {
@ -195,6 +196,7 @@ func (p *IAMOIDCProvider) RenderTerraform(t *terraform.TerraformTarget, a, e, ch
URL: e.URL,
ClientIDList: e.ClientIDs,
ThumbprintList: e.Thumbprints,
Tags: e.Tags,
}
return t.RenderResource("aws_iam_openid_connect_provider", *e.Name, tf)

4
upup/pkg/fi/cloudup/awstasks/iamrole.go
View File

@ -247,9 +247,7 @@ func (_ *IAMRole) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRole) error
}
}
}
// TODO: Should we use path as our tag?
return nil // No tags in IAM
return nil
}
type terraformIAMRole struct {

4
upup/pkg/fi/cloudup/awstasks/launchtemplate_target_terraform_test.go
View File

@ -98,7 +98,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}
@ -184,7 +184,7 @@ terraform {
required_providers {
aws = {
"source" = "hashicorp/aws"
"version" = ">= 2.46.0"
"version" = ">= 3.34.0"
}
}
}

2
upup/pkg/fi/cloudup/terraform/target_hcl2.go
View File

@ -98,7 +98,7 @@ func (t *TerraformTarget) finishHCL2(taskMap map[string]fi.Task) error {
} else if t.Cloud.ProviderID() == kops.CloudProviderAWS {
writeMap(requiredProvidersBody, "aws", map[string]cty.Value{
"source": cty.StringVal("hashicorp/aws"),
"version": cty.StringVal(">= 2.46.0"),
"version": cty.StringVal(">= 3.34.0"),
})
if featureflag.Spotinst.Enabled() {
writeMap(requiredProvidersBody, "spotinst", map[string]cty.Value{