From 93065fabdf508267b399f677d561f18fd6d7b7f0 Mon Sep 17 00:00:00 2001
From: Igor Brites
Date: Tue, 9 Aug 2022 15:06:39 -0400
Subject: [PATCH] feat: Default to clusters OIDC issuer URL for `aws_eks_identity_provider_config` (#2190)

feat: setting oidc issuer as default option for aws_eks_identity_provider_config

Co-authored-by: Bryant Biggs
---
 examples/complete/main.tf | 7 +++++++
 main.tf | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index 55fc8bf38c..112e3b531d 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -196,6 +196,13 @@ module "eks" {
 }
 }
+ # OIDC Identity provider
+ cluster_identity_providers = {
+ sts = {
+ client_id = "sts.amazonaws.com"
+ }
+ }
+
 # aws-auth configmap
 manage_aws_auth_configmap = true
diff --git a/main.tf b/main.tf
index 593ab775a9..6b0dc66ecc 100644
--- a/main.tf
+++ b/main.tf
@@ -369,7 +369,7 @@ resource "aws_eks_identity_provider_config" "this" {
 groups_claim = lookup(each.value, "groups_claim", null)
 groups_prefix = lookup(each.value, "groups_prefix", null)
 identity_provider_config_name = try(each.value.identity_provider_config_name, each.key)
- issuer_url = each.value.issuer_url
+ issuer_url = try(each.value.issuer_url, aws_eks_cluster.this[0].identity[0].oidc[0].issuer)
 required_claims = lookup(each.value, "required_claims", null)
 username_claim = lookup(each.value, "username_claim", null)
 username_prefix = lookup(each.value, "username_prefix", null)
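Review bot: The example entry `sts` sets only `client_id = "sts.amazonaws.com"` and leaves the issuer implicit, so someone copying it cannot tell that the API server will be configured to accept OIDC tokens from the cluster's own issuer (the fallback this commit adds in main.tf). That issuer and audience look like the same pair used for IAM roles for service accounts, so it is worth confirming that authenticating those tokens against the Kubernetes API is intended and that no RBAC binding matches the resulting usernames or groups. I would expand the comment to something like `# OIDC identity provider: issuer_url omitted, so the cluster's own OIDC issuer is trusted for API authentication`.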
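Review bot: With `try(each.value.issuer_url, ...)` a missing or misspelled `issuer_url` key no longer fails at plan time; it silently falls back to the cluster's own issuer, and `issuer_url` is the setting that decides whose tokens the API server trusts. I would document the default next to the attribute, e.g. `# falls back to this cluster's OIDC issuer when issuer_url is not set`, and in the description of the `cluster_identity_providers` variable, which is not visible in this hunk. An explicit `issuer_url = null` raises no error, so `try` returns null rather than the fallback; `coalesce(try(each.value.issuer_url, null), aws_eks_cluster.this[0].identity[0].oidc[0].issuer)` would cover both cases. The resource block starts and ends outside the hunk.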