Merge pull request #13 from marcincuber/feat/karpenter-v1-policy-update

update karpenter controller policy for v1 support
marcincuber · Aug 16, 2024 · 8987918 · 8987918
2 parents 1240b63 + eefb438
commit 8987918
Showing 1 changed file with 19 additions and 0 deletions.
diff --git a/terraform/oidc-iam-policies.tf b/terraform/oidc-iam-policies.tf
@@ -409,6 +409,15 @@ data "aws_iam_policy_document" "karpenter_controller" {
       ]
     }
 
+    condition {
+      test     = "StringEquals"
+      variable = "aws:RequestTag/eks:eks-cluster-name"
+
+      values = [
+        local.eks_cluster_name
+      ]
+    }
+
     condition {
       test     = "StringEquals"
       variable = "ec2:CreateAction"
@@ -458,11 +467,21 @@ data "aws_iam_policy_document" "karpenter_controller" {
       ]
     }
 
+    condition {
+      test     = "StringEqualsIfExists"
+      variable = "aws:RequestTag/eks:eks-cluster-name"
+
+      values = [
+        local.eks_cluster_name
+      ]
+    }
+
     condition {
       test     = "ForAllValues:StringEquals"
       variable = "aws:TagKeys"
 
       values = [
+        "eks:eks-cluster-name",
         "karpenter.sh/nodeclaim",
         "Name"
       ]