/kosmos/fleets/csp-account-federation/Recent content in Setup federation for CSP's onHugo -- gohugo.ioen-US/kosmos/fleets/csp-account-federation/setup-federation-for-aws/Mon, 01 Jan 0001 00:00:00 +0000/kosmos/fleets/csp-account-federation/setup-federation-for-aws/This module provisions IAM resources in AWS for Kosmos to authenticate via OIDC and create EKS clusters. It includes: An IAM Role for Kosmos with a Trust Policy defining who can assume the role. A Permissions Policy granting Kosmos the necessary permissions to create an EKS cluster. Policy Attachment linking the permissions policy to the IAM role. (Optional) An OIDC Provider Entry in AWS, representing Kosmos as an OIDC provider./kosmos/fleets/csp-account-federation/setup-federation-for-azure/Mon, 01 Jan 0001 00:00:00 +0000/kosmos/fleets/csp-account-federation/setup-federation-for-azure/This module provisions identity resources in Azure for Kosmos to authenticate via OIDC and create AKS clusters. It includes: A Service Principal and an extra application for Kosmos to use in AKS cluster creation. Roles and Role Assignments granting the service principal necessary permissions for AKS cluster creation. OIDC Provider Entry for Kosmos authentication. Variables # Required Variables # Variable Description resource_group_name Name of the Azure resource group where the AKS cluster will be created./kosmos/fleets/csp-account-federation/setup-federation-for-gcp/Mon, 01 Jan 0001 00:00:00 +0000/kosmos/fleets/csp-account-federation/setup-federation-for-gcp/This module provisions IAM resources in GCP for Kosmos to authenticate via OIDC and create GKE clusters. It includes: A Service Account for Kosmos to impersonate using its OIDC token. The required IAM roles attached to the service account. (Optional) A Workload Identity Pool and Provider if an existing one does not exist. Variables # Required Variables # Variable Description oidc_issuer_uri (Required) Issuer URL of the OIDC provider for creating the workload identity provider in GCP./kosmos/fleets/csp-account-federation/setup-federation-for-spc/Mon, 01 Jan 0001 00:00:00 +0000/kosmos/fleets/csp-account-federation/setup-federation-for-spc/Overview # This module provisions IAM resources for Kosmos to create and manage EKS clusters using OIDC authentication. It includes: An IAM Role for Kosmos with an associated Trust Policy to define who can assume the role. A Permissions Policy granting Kosmos the necessary permissions to create EKS clusters. An Attachment linking the permission policy to the IAM role. (Optional) Creation of an OIDC Provider entry in SPC for Kosmos.