From 31eba6c82869777af7e63b68d78cc53e2d1a014c Mon Sep 17 00:00:00 2001
From: Rui
Date: Sun, 1 Sep 2024 14:57:00 +0100
Subject: [PATCH] fix: use coder policy as additional policy
---
 k8s/eks.tf | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/k8s/eks.tf b/k8s/eks.tf
index 0401e69..2870848 100644
--- a/k8s/eks.tf
+++ b/k8s/eks.tf
@@ -15,7 +15,7 @@ module "irsa-ebs-csi" {
 oidc_fully_qualified_subjects = ["system:serviceaccount:kube-system:ebs-csi-controller-sa"]
 }
-resource "aws_iam_policy" "policy" {
+resource "aws_iam_policy" "coder_policy" {
 name = "coder-policy"
 path = "/"
 description = "Permissions required by coder to manage aws instances"
@@ -85,8 +85,11 @@ module "eks" {
 vpc_id = module.vpc.vpc_id
 subnet_ids = module.vpc.private_subnets
- iam_role_arn = aws_iam_policy.policy.arn
- create_iam_role = false
+ # iam_role_arn = aws_iam_policy.policy.arn
+ create_iam_role = true
+ iam_role_additional_policies = {
+ "coder-policy" : aws_iam_policy.coder_policy.arn
+ }
 cluster_addons = {
 aws-ebs-csi-driver = {
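Review bot: `iam_role_additional_policies` at the top level of `module "eks"` attaches `coder_policy` to the cluster IAM role that this change now lets the module create, so the permissions "required by coder to manage aws instances" appear to land on the role the EKS control plane assumes rather than on an identity Coder's pods use — assuming this is the terraform-aws-modules EKS module, whose source line is outside the hunk. That widens the cluster role without obviously giving Coder the access, and a least-privilege layout would bind the policy to a dedicated role for Coder's service account, the way `module "irsa-ebs-csi"` scopes the EBS CSI role with `oidc_fully_qualified_subjects`. The leftover `# iam_role_arn = aws_iam_policy.policy.arn` names a resource this commit renames and passed a policy ARN where a role ARN is expected, so delete it rather than keep it commented out. The `module "eks"` block starts and ends outside the hunk.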