mycroft/avx-pmarie-aws-infra
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
6a8f1010e0
avx-pmarie-aws-infra/modules/eks-addon-csi-ebs/data.tf
Patrick MARIE 188cf2679c Initial commit.
2022-07-01 14:12:11 +02:00

29 lines
721 B
HCL
Raw Blame History

data "aws_eks_cluster_auth" "self" {
name = var.eks_cluster_id
}
data "aws_iam_policy_document" "self_assume_role_policy" {
statement {
actions = ["sts:AssumeRoleWithWebIdentity"]
effect = "Allow"
condition {
test = "StringEquals"
variable = "${replace(var.eks_cluster_oidc_issuer_url, "https://", "")}:sub"
values = ["system:serviceaccount:kube-system:ebs-csi-controller-sa"]
}
condition {
test = "StringEquals"
variable = "${replace(var.eks_cluster_oidc_issuer_url, "https://", "")}:aud"
values = ["sts.amazonaws.com"]
}
principals {
identifiers = [
var.eks_oidc_provider_arn
]
type = "Federated"
}
}
}
Reference in New Issue View Git Blame Copy Permalink