From 7436178cc1a720a066c73f1de23b04b3c24ae608 Mon Sep 17 00:00:00 2001
From: ThetaSinner <ThetaSinner@users.noreply.github.com>
Date: Tue, 22 Nov 2022 16:16:39 +0000
Subject: [PATCH] fix: Include all certificate fingerprints in the OIDC
 provider thumbprint list (#2307)

Co-authored-by: gdjensen <gjensen@tradewelltech.co>
---
 main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/main.tf b/main.tf
index a17d4a1..3ed4eda 100644
--- a/main.tf
+++ b/main.tf
@@ -213,7 +213,7 @@ resource "aws_iam_openid_connect_provider" "oidc_provider" {
   count = local.create && var.enable_irsa ? 1 : 0
 
   client_id_list  = distinct(compact(concat(["sts.${local.dns_suffix}"], var.openid_connect_audiences)))
-  thumbprint_list = concat([data.tls_certificate.this[0].certificates[0].sha1_fingerprint], var.custom_oidc_thumbprints)
+  thumbprint_list = concat(data.tls_certificate.this[0].certificates[*].sha1_fingerprint, var.custom_oidc_thumbprints)
   url             = aws_eks_cluster.this[0].identity[0].oidc[0].issuer
 
   tags = merge(