You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Use the basics of providers limits the ability to setup multi-account environments.
In my case, we split the environment into management, production and development as completely independent accounts, drastically simplifying the overload required to provide access to different sectors of the company, such as contractors.
To address this issue, you can expand the provider configuration to something like this:
provider "aws" {
alias = "kubernetes"
region = "${var.region}"
assume_role {
session_name = "Terraform"
role_arn = "arn:aws:iam::${var.account}:role/Admin"
}
}
And then for every AWS resource, data, etc, you need to define the provider, like this:
resource "aws_iam_policy" "master_policy" {
provider = "aws.kubernetes"
name = "${var.cluster_name}-master"
path = "/"
description = "Policy for role ${var.cluster_name}-master"
policy = "${data.template_file.master_policy_json.rendered}"
}
The text was updated successfully, but these errors were encountered:
Use the basics of providers limits the ability to setup multi-account environments.
In my case, we split the environment into management, production and development as completely independent accounts, drastically simplifying the overload required to provide access to different sectors of the company, such as contractors.
To address this issue, you can expand the provider configuration to something like this:
And then for every AWS resource, data, etc, you need to define the provider, like this:
The text was updated successfully, but these errors were encountered: