mirror of https://github.com/edgelesssys/constellation.git synced 2024-09-21 16:56:03 +00:00

History

renovate[bot] 6b2e41fcde deps: update Terraform aws to v5.26.0 (#2579 ) * deps: update Terraform aws to v5.26.0 * deps: tidy all modules --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>		2023-11-21 11:24:31 +01:00
..
.terraform.lock.hcl	deps: update Terraform aws to v5.26.0 (#2579 )	2023-11-21 11:24:31 +01:00
main.tf	deps: update Terraform aws to v5.26.0 (#2579 )	2023-11-21 11:24:31 +01:00
outputs.tf	terraform: Terraform module for AWS (#2503 )	2023-11-08 19:10:01 +01:00
README.md	terraform: Terraform module for AWS (#2503 )	2023-11-08 19:10:01 +01:00
variables.tf	terraform: Terraform module for AWS (#2503 )	2023-11-08 19:10:01 +01:00

README.md

IAM instance profiles for AWS

This terraform script creates the necessary profiles that need to be attached to Constellation nodes.

You can create the profiles with the following commands:

mkdir constellation_aws_iam
cd constellation_aws_iam
curl --remote-name-all https://raw.githubusercontent.com/edgelesssys/constellation/main/hack/terraform/aws/iam/{main,output,variables}.tf
terraform init
terraform apply -auto-approve -var name_prefix=my_constellation

You can either get the profile names from the Terraform output values control_plane_instance_profile and worker_nodes_instance_profile and manually add them to your Constellation configuration file.

Or you can do this with a yq command:

yq -i "
  .provider.aws.iamProfileControlPlane = $(terraform output control_plane_instance_profile) |
  .provider.aws.iamProfileWorkerNodes = $(terraform output worker_nodes_instance_profile)
  " path/to/constellation-conf.yaml