Skip to content

Commit

Permalink
remove kiam leftovers
Browse files Browse the repository at this point in the history
  • Loading branch information
Berk Dehrioglu committed Sep 21, 2023
1 parent 2e7e5f7 commit 887d764
Show file tree
Hide file tree
Showing 4 changed files with 0 additions and 89 deletions.
34 changes: 0 additions & 34 deletions controllers/awsmachinetemplate_controller_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -328,41 +328,7 @@ var _ = Describe("AWSMachineTemplateReconciler", func() {

ReturnRoleArn: "arn:aws:iam::12345678:role/the-profile",
},

// KIAM
{
ExpectedName: "test-cluster-IAMManager-Role",

ExpectedAssumeRolePolicyDocument: `{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::12345678:role/the-profile"
},
"Action": "sts:AssumeRole"
}
]
}
`,

ExpectedPolicyName: "control-plane-test-cluster-policy",
ExpectedPolicyDocument: `{
"Version": "2012-10-17",
"Statement": {
"Action": "sts:AssumeRole",
"Resource": "*",
"Effect": "Allow"
}
}
`,

ReturnRoleArn: "arn:aws:iam::999666333:role/test-cluster-IAMManager-Role",
},

externalDnsRoleInfo,

certManagerRoleInfo,
ALBControllerRoleInfo,
}
Expand Down
21 changes: 0 additions & 21 deletions controllers/common_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,6 @@ var certManagerRoleInfo = RoleInfo{
ExpectedAssumeRolePolicyDocument: `{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::999666333:role/test-cluster-IAMManager-Role"
},
"Action": "sts:AssumeRole"
},
{
"Effect": "Allow",
"Principal": {
Expand Down Expand Up @@ -72,13 +65,6 @@ var externalDnsRoleInfo = RoleInfo{
ExpectedAssumeRolePolicyDocument: `{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::999666333:role/test-cluster-IAMManager-Role"
},
"Action": "sts:AssumeRole"
},
{
"Effect": "Allow",
"Principal": {
Expand Down Expand Up @@ -127,13 +113,6 @@ var ALBControllerRoleInfo = RoleInfo{
ExpectedAssumeRolePolicyDocument: `{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::999666333:role/test-cluster-IAMManager-Role"
},
"Action": "sts:AssumeRole"
},
{
"Effect": "Allow",
"Principal": {
Expand Down
27 changes: 0 additions & 27 deletions pkg/iam/iam.go
Original file line number Diff line number Diff line change
Expand Up @@ -180,39 +180,12 @@ func (s *IAMService) generateRoute53RoleParams(roleTypeToReconcile string, awsAc
return Route53RoleParams{}, err
}

var principalRoleARN string
if s.principalRoleARN != "" {
principalRoleARN = s.principalRoleARN
} else {
i := &awsiam.GetRoleInput{
RoleName: aws.String(roleName(KIAMRole, s.clusterName)),
}

o, err := s.iamClient.GetRole(i)
if err != nil {
s.log.Error(err, "failed to fetch KIAM role")
return Route53RoleParams{}, err
}

principalRoleARN = *o.Role.Arn
}

if s.roleType == KIAMRole {
params := Route53RoleParams{
EC2ServiceDomain: ec2ServiceDomain(s.region),
PrincipalRoleARN: principalRoleARN,
}

return params, nil
}

params := Route53RoleParams{
EC2ServiceDomain: ec2ServiceDomain(s.region),
AccountID: awsAccountID,
CloudFrontDomain: cloudFrontDomain,
Namespace: namespace,
ServiceAccount: serviceAccount,
PrincipalRoleARN: principalRoleARN,
}

return params, nil
Expand Down
7 changes: 0 additions & 7 deletions pkg/iam/route53_template.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,6 @@ package iam
const trustIdentityPolicyKIAMAndIRSA = `{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "{{.PrincipalRoleARN}}"
},
"Action": "sts:AssumeRole"
},
{
"Effect": "Allow",
"Principal": {
Expand Down

0 comments on commit 887d764

Please sign in to comment.