github-mirrors/terraform-aws-eks
1
0
Fork 0
mirror of https://github.com/ysoftdevs/terraform-aws-eks.git synced 2026-04-17 22:39:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: Dynamic Partition for IRSA to support AWS-CN Deployments (#1028)

Browse Source
This commit is contained in:
Lorenzo Aiello
2020-10-04 11:49:41 -07:00
committed by GitHub
parent 594602f75a
commit f0ae6c6751
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
irsa.tf
View File

@@ -9,7 +9,7 @@
resource "aws_iam_openid_connect_provider" "oidc_provider" { resource "aws_iam_openid_connect_provider" "oidc_provider" {
count = var.enable_irsa && var.create_eks ? 1 : 0 count = var.enable_irsa && var.create_eks ? 1 : 0
client_id_list = ["sts.amazonaws.com"] client_id_list = [local.sts_principal]
thumbprint_list = [var.eks_oidc_root_ca_thumbprint] thumbprint_list = [var.eks_oidc_root_ca_thumbprint]
url = flatten(concat(aws_eks_cluster.this[*].identity[*].oidc.0.issuer, [""]))[0] url = flatten(concat(aws_eks_cluster.this[*].identity[*].oidc.0.issuer, [""]))[0]
} }

1
local.tf
View File

@@ -31,6 +31,7 @@ locals {
) )
ec2_principal = "ec2.${data.aws_partition.current.dns_suffix}" ec2_principal = "ec2.${data.aws_partition.current.dns_suffix}"
sts_principal = "sts.${data.aws_partition.current.dns_suffix}"
policy_arn_prefix = "arn:${data.aws_partition.current.partition}:iam::aws:policy" policy_arn_prefix = "arn:${data.aws_partition.current.partition}:iam::aws:policy"
workers_group_defaults_defaults = { workers_group_defaults_defaults = {