Closed applike-ss closed 2 years ago
@applike-ss Hi, as you might have notice in https://github.com/particuleio/teks/pull/133, to enable multi-account support, you need to use a dedicated assume role in the terragrunt.hcl in each environment.
For example if using AWS Organization / SSO:
More information here
Thanks, that's what i'm trying right now.
Having some issues still like #134, however i am refactoring it a bit so i don't actually need the kms module.
i got my cluster up and running, though not with all the addons that it should have. closing it and creating a new one for the current issue
I am trying out this template for EKS cluster creation right now.
While doing the apply, i was wondering why my vpc endpoint resources did not show up in the new subaccount that i created.
Turns out they were created in the main account i was using, even though i set
aws_account_id
to the sub account.That is not ideal or obvious to a new user and i assume it also is a bug?
These resources i can see in my main account, which should be in the new sub account instead:
I see that it says in the requirements
[AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) configured with the account you want to deploy into
, however my assumption was that my profile should have the permissions needed to create the resources.Why else would there be a
aws_account_id
variable?It seems i will have to use the
iam_role
option then to enforce where to spawn the resources, will check that out.When destroying the incorrectly created resources, i do now get:
not ideal, because we wanted to use flux2 without github. Will try that again with a demo url set.
Setting a demo url did actually not let me remove the resources, so i manually removed them.