additional_admin_role_principals |
List of additional role principal ARNs. Principals are able to directly assume admin role. |
list(string) |
[] |
no |
additional_developer_role_principals |
List of additional role principal ARNs. Principals are able to directly assume developer role. |
list(string) |
[] |
no |
admin_kubernetes_role_rules |
Standard set of Kubernetes role rules to add to admin group. If not changed, it contains safe, namespace-scoped defaults fitting most use case cases. |
list(object({ resources = list(string) api_groups = list(string) verbs = list(string) })) |
null |
no |
admin_kubernetes_role_rules_extra |
Additional Kubernetes role rules to add to admin group. |
list(object({ resources = list(string) api_groups = list(string) verbs = list(string) })) |
[] |
no |
administrators |
List of IAM user names that will be added to administrators group. |
list(string) |
[] |
no |
administrators_iam_policies |
{ name: arn } map of policies to attach to administrators group. |
map(string) |
{} |
no |
create_ci_iam_user |
Whether to create a dedicated IAM user for CI |
bool |
false |
no |
developer_kubernetes_role_rules |
Standard set of Kubernetes role rules to add to developer group. If not changed, it contains safe defaults fitting most use case cases. |
list(object({ resources = list(string) api_groups = list(string) verbs = list(string) })) |
null |
no |
developer_kubernetes_role_rules_extra |
Additional Kubernetes role rules to add to developer group. |
list(object({ resources = list(string) api_groups = list(string) verbs = list(string) })) |
[] |
no |
developers |
List of IAM user names that will be added to developers group. |
list(string) |
[] |
no |
developers_iam_policies |
{ name: arn } map of policies to attach to developers group. |
map(string) |
{} |
no |
ecr_arn_list |
ECR repository ARN list. If not provided there will be created ECR repo with the same name as namespace |
list(string) |
[] |
no |
iam_path |
AWS IAM base path for all resources created for namespace |
string |
null |
no |
labels |
Labels that are going to be attached to namespace |
map(string) |
{} |
no |
namespace |
The name of namespace to be created on a cluster |
string |
n/a |
yes |