From 9c7804fb56f0c1b486d52b81fd0341c73c0ec8e4 Mon Sep 17 00:00:00 2001 From: exequielrafaela Date: Wed, 29 Jun 2022 23:18:06 -0300 Subject: [PATCH] apps-devstg/us-east-1/k8s-eks-v1.17/cluster adding DevOps SSO role to fix lack of AWS EKS web console permissions --- apps-devstg/us-east-1/k8s-eks-v1.17/cluster/locals.tf | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/apps-devstg/us-east-1/k8s-eks-v1.17/cluster/locals.tf b/apps-devstg/us-east-1/k8s-eks-v1.17/cluster/locals.tf index e119c250d..7bb3ba00d 100644 --- a/apps-devstg/us-east-1/k8s-eks-v1.17/cluster/locals.tf +++ b/apps-devstg/us-east-1/k8s-eks-v1.17/cluster/locals.tf @@ -49,5 +49,14 @@ locals { groups = [ "system:masters"] }, + # + # Allow DevOps SSO role to become cluster admins + # + { + rolearn = "arn:aws:iam::${var.appsdevstg_account_id}:role/aws-reserved/sso.amazonaws.com/AWSReservedSSO_DevOps_5e0501636a32f9c4" + username = "DevOps" + groups = [ + "system:masters"] + }, ] }