forked from spectrocloud/gitops-tf-scripts
-
Notifications
You must be signed in to change notification settings - Fork 0
/
account-aws.tf
38 lines (33 loc) · 1.17 KB
/
account-aws.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
locals {
account_files = fileset("${path.module}/config", "account-aws-*.yaml")
accounts = {
for k in local.account_files :
trimsuffix(k, ".yaml") => yamldecode(file("config/${k}"))
}
# TODO refactor to separate file
account_ids = merge({
picard-vc2 = "609946e4dba160e6c97aa130"
}, {
for k, v in spectrocloud_cloudaccount_aws.this :
v.name => v.id
})
# rbac_yaml = yamldecode(file("rbac.yaml"))
# rbac_all_crb = lookup(local.rbac_yaml.all_accounts, "accountRoleBindings", [])
# rbac_all_rb = lookup(local.rbac_yaml.all_accounts, "namespaces", [])
# rbac_map = {
# for k, v in local.rbac_yaml.accounts :
# k => {
# accountRoleBindings = concat(local.rbac_all_crb, lookup(v, "accountRoleBindings", []))
# namespaces = concat(local.rbac_all_rb, lookup(v, "namespaces", []))
# }
# }
}
################################ accounts ####################################################
# Create the VMware account
resource "spectrocloud_cloudaccount_aws" "this" {
for_each = local.accounts
type = "sts"
name = each.value.name
arn = each.value.arn
external_id = each.value.external_id
}