From ab412fb060a4ce329a36008aa4f6ccdfba3a9868 Mon Sep 17 00:00:00 2001
From: Eytan Hanig
Date: Fri, 3 Jan 2020 05:25:09 -0800
Subject: [PATCH] Add the OIDC provider ARN to outputs (#653)

---
 CHANGELOG.md | 1 +
 README.md | 1 +
 outputs.tf | 5 +++++
 3 files changed, 7 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index a5864e6..e19b8c6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -23,6 +23,7 @@ project adheres to [Semantic Versioning](http://semver.org/).
 - Fix aws-auth config map for managed node groups (by @wbertelsen)
 - Added support to create IAM OpenID Connect Identity Provider to enable EKS Identity Roles for Service Accounts (IRSA). (by @alaa)
 - Adding node group iam role arns to outputs. (by @mukgupta)
+- Added the OIDC Provider ARN to outputs. (by @eytanhanig)
 - **Breaking:** Change logic of security group whitelisting. Will always whitelist worker security group on control plane security group either provide one or create new one. See Important notes below for upgrade notes (by @ryanooi)

 #### Important notes
diff --git a/README.md b/README.md
index 23ccb7a..059e132 100644
--- a/README.md
+++ b/README.md
@@ -219,6 +219,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | kubeconfig | kubectl config file contents for this EKS cluster. |
 | kubeconfig\_filename | The filename of the generated kubectl config. |
 | node\_groups\_iam\_role\_arns | IAM role ARNs for EKS node groups |
+| oidc\_provider\_arn | The ARN of the OIDC Provider if `enable_irsa = true`. |
 | worker\_autoscaling\_policy\_arn | ARN of the worker autoscaling IAM policy if `manage_worker_autoscaling_policy = true` |
 | worker\_autoscaling\_policy\_name | Name of the worker autoscaling IAM policy if `manage_worker_autoscaling_policy = true` |
 | worker\_iam\_instance\_profile\_arns | default IAM instance profile ARN for EKS worker groups |
diff --git a/outputs.tf b/outputs.tf
index 213f2ca..34e0064 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -63,6 +63,11 @@ output "kubeconfig_filename" {
 value = concat(local_file.kubeconfig.*.filename, [""])[0]
 }

+output "oidc_provider_arn" {
+ description = "The ARN of the OIDC Provider if `enable_irsa = true`."
+ value = var.enable_irsa ? aws_iam_openid_connect_provider.oidc_provider[0].arn : null
+}
+
 output "workers_asg_arns" {
 description = "IDs of the autoscaling groups containing workers."
 value = concat(
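Review bot: The new `oidc_provider_arn` output indexes `aws_iam_openid_connect_provider.oidc_provider[0]` directly, so it is only correct while the resource's `count` is driven by exactly `var.enable_irsa`. That resource is declared outside this hunk; if the two conditions ever drift, the output would presumably error instead of returning a value. The neighbouring `kubeconfig_filename` output uses the splat form, and the same shape here would be `value = concat(aws_iam_openid_connect_provider.oidc_provider.*.arn, [""])[0]`, at the cost of returning `""` rather than `null` when IRSA is off. Whichever form is kept, the description should state what the output holds when `enable_irsa = false`, since callers are likely to place this ARN in the federated principal of an IAM role trust policy and need to guard the disabled case explicitly.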