From 199d3c78c2482a4218916189e8706edb449210ee Mon Sep 17 00:00:00 2001
From: kfc-manager <kilianc0709@gmail.com>
Date: Wed, 3 Apr 2024 19:24:34 +0200
Subject: [PATCH] fix: added policy for deployments and pods show in web
 console

---
 main.tf | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/main.tf b/main.tf
index b145df5..9080fd1 100644
--- a/main.tf
+++ b/main.tf
@@ -20,6 +20,28 @@ resource "aws_iam_role" "master" {
   tags = var.tags
 }
 
+data "aws_iam_policy_document" "console" {
+  statement {
+    effect = "Allow"
+
+    actions = ["eks:AccessKubernetesApi"]
+
+    resources = ["*"]
+  }
+}
+
+resource "aws_iam_policy" "console" {
+  name  = "${var.identifier}-WebConsoleEKSMonitoring"
+  policy = data.aws_iam_policy_document.console.json
+
+  tags = var.tags
+}
+
+resource "aws_iam_role_policy_attachment" "console" {
+  policy_arn = aws_iam_policy.console.arn
+  role       = aws_iam_role.master.name
+}
+
 resource "aws_iam_role_policy_attachment" "cluster" {
   policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
   role       = aws_iam_role.master.name