Update IAM role names

wso2 · Mar 8, 2024 · df1cf5b · df1cf5b
1 parent e60d62c
commit df1cf5b
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 18 deletions.
diff --git a/modules/aws/EKS-Cluster/data.tf b/modules/aws/EKS-Cluster/data.tf
@@ -57,7 +57,7 @@ data "aws_iam_policy_document" "cluster_lb_sts_policy" {
   ]
 }
 
-data "aws_iam_policy_document" "cluster_container_cloudwatch_streamer_sts_policy" {
+data "aws_iam_policy_document" "cluster_container_cloudwatch_fluent_bit_agent_sts_policy" {
   statement {
     actions = ["sts:AssumeRoleWithWebIdentity"]
     effect  = "Allow"
@@ -77,7 +77,7 @@ data "aws_iam_policy_document" "cluster_container_cloudwatch_streamer_sts_policy
   ]
 }
 
-data "aws_iam_policy_document" "cluster_cloudwatch_sts_policy" {
+data "aws_iam_policy_document" "cluster_cloudwatch_agent_sts_policy" {
   statement {
     actions = ["sts:AssumeRoleWithWebIdentity"]
     effect  = "Allow"

diff --git a/modules/aws/EKS-Cluster/iam_role.tf b/modules/aws/EKS-Cluster/iam_role.tf
@@ -376,21 +376,21 @@ resource "aws_iam_role_policy_attachment" "cluster_loadbalancer_policy_attach" {
 }
 
 # IAM Role for CloudWatch Agents
-resource "aws_iam_role" "cluster_container_cloudwatch_streamer_role" {
-  assume_role_policy = data.aws_iam_policy_document.cluster_container_cloudwatch_streamer_sts_policy.json
+resource "aws_iam_role" "cluster_container_cloudwatch_fluent_bit_agent_role" {
+  assume_role_policy = data.aws_iam_policy_document.cluster_container_cloudwatch_fluent_bit_agent_sts_policy.json
   name               = join("-", [var.project, var.application, var.environment, var.region, "eks-cluster-ccw-iam-role"])
 
   depends_on = [
-    data.aws_iam_policy_document.cluster_container_cloudwatch_streamer_sts_policy
+    data.aws_iam_policy_document.cluster_container_cloudwatch_fluent_bit_agent_sts_policy
   ]
 }
 
-resource "aws_iam_role_policy_attachment" "cluster_container_cloudwatch_streamer_policy_attach" {
-  role       = aws_iam_role.cluster_container_cloudwatch_streamer_role.name
+resource "aws_iam_role_policy_attachment" "cluster_container_cloudwatch_fluent_bit_agent_policy_attach" {
+  role       = aws_iam_role.cluster_container_cloudwatch_fluent_bit_agent_role.name
   policy_arn = "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy"
 
   depends_on = [
-    aws_iam_role.cluster_container_cloudwatch_streamer_role
+    aws_iam_role.cluster_container_cloudwatch_fluent_bit_agent_role
   ]
 }
 
@@ -437,20 +437,20 @@ resource "aws_iam_role_policy_attachment" "cluster_efs_csi_driver_role_policy_at
 }
 
 # CloudWatch Agent Policy
-resource "aws_iam_role" "cluster_cloudwatch_role" {
-  assume_role_policy = data.aws_iam_policy_document.cluster_cloudwatch_sts_policy.json
+resource "aws_iam_role" "cluster_cloudwatch_agent_role" {
+  assume_role_policy = data.aws_iam_policy_document.cluster_cloudwatch_agent_sts_policy.json
   name               = join("-", [var.project, var.application, var.environment, var.region, "eks-cluster-cw-iam-role"])
 
   depends_on = [
     data.aws_iam_policy_document.cluster_efs_csi_driver_sts_policy
   ]
 }
 
-resource "aws_iam_role_policy_attachment" "cluster_cloudwatch_role_policy_attach" {
-  role       = aws_iam_role.cluster_cloudwatch_role.name
+resource "aws_iam_role_policy_attachment" "cluster_cloudwatch_agent_role_policy_attach" {
+  role       = aws_iam_role.cluster_cloudwatch_agent_role.name
   policy_arn = "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy"
 
   depends_on = [
-    aws_iam_role.cluster_cloudwatch_role
+    aws_iam_role.cluster_cloudwatch_agent_role
   ]
 }
diff --git a/modules/aws/EKS-Cluster/outputs.tf b/modules/aws/EKS-Cluster/outputs.tf
@@ -29,13 +29,13 @@ output "lb_role_arn" {
   value      = aws_iam_role.cluster_loadbalancer_role.arn
   depends_on = [aws_iam_role.cluster_loadbalancer_role]
 }
-output "cloudwatch_streamer_role_arn" {
-  value      = aws_iam_role.cluster_container_cloudwatch_streamer_role.arn
-  depends_on = [aws_iam_role.cluster_container_cloudwatch_streamer_role]
+output "cloudwatch_fluent_bit_agent_role_arn" {
+  value      = aws_iam_role.cluster_container_cloudwatch_fluent_bit_agent_role.arn
+  depends_on = [aws_iam_role.cluster_container_cloudwatch_fluent_bit_agent_role]
 }
 output "cloudwatch_agent_role_arn" {
-  value      = aws_iam_role.cluster_cloudwatch_role.arn
-  depends_on = [aws_iam_role.cluster_cloudwatch_role]
+  value      = aws_iam_role.cluster_cloudwatch_agent_role.arn
+  depends_on = [aws_iam_role.cluster_cloudwatch_agent_role]
 }
 output "ebs_csi_driver_role_arn" {
   value      = var.enable_ebs_csi_driver ? aws_iam_role.cluster_ebs_csi_driver_role[0].arn : null