Access Entry Policy Association for an EKS Cluster.
resource "aws_eks_access_policy_association" "example" {
cluster_name = aws_eks_cluster.example.name
policy_arn = "arn:aws:eks::aws:cluster-access-policy/AmazonEKSViewPolicy"
principal_arn = aws_iam_user.example.arn
access_scope {
type = "namespace"
namespaces = ["example-namespace"]
}
}
The following arguments are required:
cluster_name
– (Required) Name of the EKS Cluster.policy_arn
– (Required) The ARN of the access policy that you're associating.principal_arn
– (Required) The IAM Principal ARN which requires Authentication access to the EKS cluster.access_scope
– (Required) The configuration block to determine the scope of the access. See access_scope
Block below.access_scope
BlockThe access_scope
block supports the following arguments.
type
- (Required) Valid values are namespace
or cluster
.namespaces
- (Optional) The namespaces to which the access scope applies when type is namespace.This resource exports the following attributes in addition to the arguments above:
associated_access_policy
- Contains information about the access policy associatieon. See associated_access_policy
Block below.associated_access_policy
BlockThe associated_access_policy
block has the following attributes.
associated_at
- Date and time in RFC3339 format that the policy was associated.modified_at
- Date and time in RFC3339 format that the policy was updated.create
- (Default 20m
)update
- (Default 20m
)delete
- (Default 40m
)In Terraform v1.5.0 and later, use an import
block to import EKS add-on using the cluster_name
, principal_arn
and policy_arn
separated by a colon (#
). For example:
import {
to = aws_eks_access_policy_association.my_eks_entry
id = "my_cluster_name#my_principal_arn#my_policy_arn"
}
Using terraform import
, import EKS access entry using the cluster_name
principal_arn
and policy_arn
separated by a colon (#
). For example:
% terraform import aws_eks_access_policy_association.my_eks_access_entry my_cluster_name#my_principal_arn#my_policy_arn