From cc8ce411f28f31206a75a51e48811cbd966972e6 Mon Sep 17 00:00:00 2001
From: baibailiha
Date: Fri, 9 Feb 2024 06:02:19 +0800
Subject: [PATCH] feat: Default to clusters OIDC issuer URL for `aws_eks_identity_provider_config` (#2190)

feat: setting oidc issuer as default option for aws_eks_identity_provider_config

Co-authored-by: Bryant Biggs
---
 examples/complete/main.tf | 7 +++++++
 main.tf | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index 55fc8bf..112e3b5 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -196,6 +196,13 @@ module "eks" {
 }
 }

+ # OIDC Identity provider
+ cluster_identity_providers = {
+ sts = {
+ client_id = "sts.amazonaws.com"
+ }
+ }
+
 # aws-auth configmap
 manage_aws_auth_configmap = true

diff --git a/main.tf b/main.tf
index 593ab77..6b0dc66 100644
--- a/main.tf
+++ b/main.tf
@@ -369,7 +369,7 @@ resource "aws_eks_identity_provider_config" "this" {
 groups_claim = lookup(each.value, "groups_claim", null)
 groups_prefix = lookup(each.value, "groups_prefix", null)
 identity_provider_config_name = try(each.value.identity_provider_config_name, each.key)
- issuer_url = each.value.issuer_url
+ issuer_url = try(each.value.issuer_url, aws_eks_cluster.this[0].identity[0].oidc[0].issuer)
 required_claims = lookup(each.value, "required_claims", null)
 username_claim = lookup(each.value, "username_claim", null)
 username_prefix = lookup(each.value, "username_prefix", null)
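Review bot: The new `cluster_identity_providers` block in the example sets only `client_id`, so it relies on the implicit issuer introduced in `main.tf`, and the comment `# OIDC Identity provider` does not tell a reader which issuer ends up trusted for API-server authentication. Since examples get copied into real clusters, I would make that explicit with `# OIDC identity provider; issuer_url is omitted, so the cluster's own OIDC issuer is used`. I would also set `username_prefix` and `groups_prefix` in the example, so that identities from this provider are clearly namespaced and cannot be confused with existing RBAC subjects. The `module "eks"` block starts and ends outside the hunk.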
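Review bot: On the `issuer_url` line, `try()` turns a missing `issuer_url` from a plan-time error into silent trust of the cluster's own OIDC issuer; if the input map is loosely typed, a mistyped key would get the same fallback. That changes the authentication trust anchor and should be visible, so I would add `# Defaults to the cluster's OIDC issuer when issuer_url is not set` above the line and state the same in the variable description. An explicit `issuer_url = null` raises no error, so `try()` returns null and the fallback is skipped; `coalesce(try(each.value.issuer_url, null), aws_eks_cluster.this[0].identity[0].oidc[0].issuer)` would cover both cases. The resource block begins and ends outside the hunk, so I cannot see whether `for_each` is guarded so that `aws_eks_cluster.this[0]` always exists when this is evaluated.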