Kubernetes Namespace

Provision a best practices Kubernetes Namespace on any Kubernetes Cluster.

View on GitHub

Reference

Inputs

• annotations — Map of string key default pairs that can be used to store arbitrary metadata on the namespace and roles. See the Kubernetes Reference for more info (https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/).

• eks_cluster_name — Name of the EKS cluster where the Namespace will be created. Required when schedule_pods_on_fargate is true.

• full_access_rbac_entities — The list of RBAC entities that should have full access to the Namespace.

• labels — Map of string key value pairs that can be used to organize and categorize the namespace and roles. See the Kubernetes Reference for more info (https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/).

• name — Name of the Namespace to create.

• pod_execution_iam_role_arn — ARN of IAM Role to use as the Pod execution role for Fargate. Required if schedule_pods_on_fargate is true.

• read_only_access_rbac_entities — The list of RBAC entities that should have read only access to the Namespace.

• schedule_pods_on_fargate — When true, will create a Fargate Profile that matches all Pods in the Namespace. This means that all Pods in the Namespace will be scheduled on Fargate. Note that this value is only used if kubeconfig_auth_type is eks, as Fargate profiles can only be created against EKS clusters.

• worker_vpc_subnet_ids — The subnet IDs to use for EKS worker nodes. Used when provisioning Pods on to Fargate. At least 1 subnet is required if schedule_pods_on_fargate is true.

Outputs

• namespace_name — The name of the created namespace.

• namespace_rbac_access_all_role — The name of the rbac role that grants admin level permissions on the namespace.

• namespace_rbac_access_read_only_role — The name of the rbac role that grants read only permissions on the namespace.