File tree Expand file tree Collapse file tree 1 file changed +35
-0
lines changed Expand file tree Collapse file tree 1 file changed +35
-0
lines changed Original file line number Diff line number Diff line change @@ -442,6 +442,23 @@ Resources:
442442 Path : /
443443 RoleName : " {{.Cluster.LocalID}}-e2e-cdp"
444444 Type : ' AWS::IAM::Role'
445+ E2EEKSIAMTestAccessEntryCDP :
446+ Type : " AWS::EKS::AccessEntry"
447+ Properties :
448+ AccessPolicies :
449+ - AccessScope :
450+ Type : " cluster"
451+ PolicyArn : " arn:aws:eks::aws:cluster-access-policy/AmazonEKSClusterAdminPolicy"
452+ ClusterName : !Ref EKSCluster
453+ PrincipalArn : !GetAtt E2EEKSIAMTestCDP.Arn
454+ Username : !Join
455+ - ' '
456+ - - !Sub 'arn:aws:sts::${AWS::AccountId}:assumed-role/'
457+ - !Ref E2EEKSIAMTestCDP
458+ - ' /{{`{{SessionName}}`}}'
459+ KubernetesGroups :
460+ - zalando:cdp
461+ Type : " STANDARD"
445462 E2EEKSIAMTestDeploymentService :
446463 Properties :
447464 AssumeRolePolicyDocument :
@@ -455,6 +472,24 @@ Resources:
455472 Version : 2012-10-17
456473 Path : /
457474 RoleName : " {{.Cluster.LocalID}}-e2e-deployment-service"
475+ Type : ' AWS::IAM::Role'
476+ E2EEKSIAMTestAccessEntryDeploymentService :
477+ Type : " AWS::EKS::AccessEntry"
478+ Properties :
479+ AccessPolicies :
480+ - AccessScope :
481+ Type : " cluster"
482+ PolicyArn : " arn:aws:eks::aws:cluster-access-policy/AmazonEKSClusterAdminPolicy"
483+ ClusterName : !Ref EKSCluster
484+ PrincipalArn : !GetAtt E2EEKSIAMTestDeploymentService.Arn
485+ Username : !Join
486+ - ' '
487+ - - !Sub 'arn:aws:sts::${AWS::AccountId}:assumed-role/'
488+ - !Ref E2EEKSIAMTestDeploymentService
489+ - ' /{{`{{SessionName}}`}}'
490+ KubernetesGroups :
491+ - zalando:deployment-service
492+ Type : " STANDARD"
458493 {{ end }}
459494 # TODO: IAM POLICY
460495 EKSCNIIPv6Policy :
You can’t perform that action at this time.
0 commit comments