eso-trusted-profile

ESO Trusted Profile Module

This module allows to create and configure an Trusted Profile to authenticate with ESO operator.

For more information about Trusted Profiles refer to the IBM Cloud documentation available here

Requirements

Name	Version
terraform	>= 1.0.0
ibm	>= 1.51.0

Modules

No modules.

Resources

Name	Type
ibm_iam_trusted_profile.trusted_profile	resource
ibm_iam_trusted_profile_claim_rule.claim_rule	resource
ibm_iam_trusted_profile_policy.policy	resource
ibm_iam_trusted_profile_policy.policy_multiple_secrets_groups	resource

Inputs

Name	Description	Type	Default	Required
secret_groups_id	The list of secret groups to limit access to for the trusted profile to create.	list(string)	[]	no
secrets_manager_guid	Secrets manager instance GUID where secrets will be stored or fetched from and the trusted profile will allow access to.	string	n/a	yes
tp_cluster_crn	Target cluster CRN for the trusted profile. Used when creating trusted profile	string	n/a	yes
tp_namespace	Namespace to configure in the Trusted Profile on IAM. Its value must be the namespace where the operator is deployed and running.	string	n/a	yes
trusted_profile_claim_rule_type	Trusted profile claim rule type, set the value to 'ROKS_SA' for ROKS clusters, set to ROKS for IKS clusters	string	"ROKS_SA"	no
trusted_profile_name	The name of the trusted profile to be used. This allows ESO to use CRI based authentication to access secrets manager. The trusted profile must be created in advance	string	n/a	yes

Outputs

Name	Description
trusted_profile_id	ID of the trusted profile
trusted_profile_name	Name of the trusted profile