From 526f6953f412a7d02bf493476e35b444a6bb6f59 Mon Sep 17 00:00:00 2001
From: fidiego <sayheytofred@gmail.com>
Date: Thu, 21 Nov 2024 09:11:13 -0600
Subject: [PATCH] chore: entries: include odr iam role

---
 eks.tf | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/eks.tf b/eks.tf
index 56c91fd..3b98564 100644
--- a/eks.tf
+++ b/eks.tf
@@ -80,6 +80,19 @@ module "eks" {
           }
         }
       }
+    },
+    # TODO(fd): we should have this passed in as an input in case this ever changes
+    "odr-${local.cluster_name}" = {
+      principal_arn     = var.runner_install_role
+      kubernetes_groups = [] # empty because they are all system:admin and those are replaced by AmazonEKSClusterAdminPolicy
+      policy_associations = {
+        cluster_admin = {
+          policy_arn = module.odr_iam_role.iam_role_arn
+          access_scope = {
+            type = "cluster"
+          }
+        }
+      }
     }
 
   }