This code started as a one-off usecase we had at @rhythmic where we needed to delegate access to an old AKS cluster. It was interesting enough to get turned into a blog post/terraform module! You can check it out here: rhythmictech.com/blog/generating-new-kubernetes-users-with-terraform/
Requirements
Name
Version
terraform
>= 0.12.0
kubernetes
~> 1.11.0
local
~> 1.4
tls
~> 2.1
Providers
Name
Version
kubernetes
~> 1.11.0
local
~> 1.4
tls
~> 2.1
Inputs
Name
Description
Type
Default
Required
cluster_ca_certificate
PEM-encoded root certificates bundle for TLS authentication.
string
n/a
yes
cluster_name
Name of the K8s cluster
string
n/a
yes
host
The hostname (in form of URI) of Kubernetes master.
string
n/a
yes
name
Moniker to apply to all resources in the module
string
n/a
yes
namespace
Kubernetes namespace to populate
string
n/a
yes
kubeconfig_file_name
Path to kubeconfig file used to request CSR approval
string
"~/.kube/config"
no
labels
User-Defined labels for k8s resources
map(string)
{}
no
namespace_admins
Names of the Users who will have access kubernetes cluster/namespace
list(string)
[]
no
namespace_admins_rule
APIGroups, resources, and verbs that define the namespace admin access