37 lines
823 B
YAML
37 lines
823 B
YAML
{{- if eq .Values.platform "aws" }}
|
|
# Controller role for consistency, similar to kubeadm admin.conf
|
|
apiVersion: iamauthenticator.k8s.aws/v1alpha1
|
|
kind: IAMIdentityMapping
|
|
metadata:
|
|
name: kubezero-controllers
|
|
spec:
|
|
arn: {{ .Values.ControllerIamRole }}
|
|
username: kubezero-controller
|
|
groups:
|
|
- system:masters
|
|
|
|
---
|
|
# Worker role to eg. delete during terminate
|
|
apiVersion: iamauthenticator.k8s.aws/v1alpha1
|
|
kind: IAMIdentityMapping
|
|
metadata:
|
|
name: kubezero-workers
|
|
spec:
|
|
arn: {{ .Values.WorkerIamRole }}
|
|
username: kubezero-worker
|
|
groups:
|
|
- system:masters
|
|
|
|
---
|
|
# Admin Role for remote access
|
|
apiVersion: iamauthenticator.k8s.aws/v1alpha1
|
|
kind: IAMIdentityMapping
|
|
metadata:
|
|
name: kubernetes-admin
|
|
spec:
|
|
arn: {{ .Values.kubeAdminRole }}
|
|
username: kubernetes-admin
|
|
groups:
|
|
- system:masters
|
|
{{- end }}
|