Merge pull request #35 from OfirYaron/ingress-role-name-override

Adding optional role_name parameter
DNXLabs · Sep 27, 2023 · f29ab0d · f29ab0d
2 parents 2b1fcf0 + ed826f2
commit f29ab0d
Show file tree

Hide file tree

Showing 3 changed files with 94 additions and 2 deletions.
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
diff --git a/_variables.tf b/_variables.tf
@@ -87,4 +87,10 @@ variable "roles" {
   }))
   default     = []
   description = "RBAC roles that give secret access in other namespaces to the lb controller"
+}
+
+variable "role_name" {
+  type = string
+  default     = null
+  description = "Optional Parameter to override the naming convention used '<cluster-name>-alb-ingress' role name"
 }
diff --git a/iam.tf b/iam.tf
@@ -1,3 +1,7 @@
+locals {
+  role_name = var.role_name==null ? "${var.cluster_name}-alb-ingress" : var.role_name
+}
+
 # Policy
 data "aws_iam_policy_document" "lb_controller" {
   count = var.enabled ? 1 : 0
@@ -326,7 +330,7 @@ data "aws_iam_policy_document" "lb_controller" {
 resource "aws_iam_policy" "lb_controller" {
   depends_on  = [var.mod_dependency]
   count       = var.enabled ? 1 : 0
-  name        = "${var.cluster_name}-alb-ingress"
+  name        = local.role_name
   path        = "/"
   description = "Policy for alb-ingress service"
 
@@ -360,7 +364,7 @@ data "aws_iam_policy_document" "lb_controller_assume" {
 
 resource "aws_iam_role" "lb_controller" {
   count              = var.enabled ? 1 : 0
-  name               = "${var.cluster_name}-alb-ingress"
+  name               = local.role_name
   assume_role_policy = data.aws_iam_policy_document.lb_controller_assume[0].json
 }