[Enhancement]: Add support for EKS Addon Pod Identity Associations

[JoeNorth]

Description

The EKS CreateAddon and UpdateAddon APIs have been updated to support adding a Pod Identity association to an addon using the podIdentityAssociations parameter.

Each API accepts this parameter in the form of:

{
   "podIdentityAssociations": [ 
      { 
         "roleArn": "string",
         "serviceAccount": "string"
      }
   ]
}

Affected Resource(s) and/or Data Source(s)

• aws_eks_addon

Potential Terraform Configuration

resource "aws_eks_addon" "example" {
  cluster_name           = aws_eks_cluster.example.name
  addon_name             = "vpc-cni"
  pod_identity_associations = [
    {
      roleArn = aws_iam_role.vpc_cni.arn
      serviceAccount = "aws-node"
    }
  ]
}

References

CreateAddon - https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateAddon.html#AmazonEKS-CreateAddon-request-podIdentityAssociations

UpdateAddon - https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html#AmazonEKS-UpdateAddon-request-podIdentityAssociations

Would you like to implement a fix?

No

[github-actions[bot]]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[bryantbiggs]

on it

[aristosvo]

@bryantbiggs I've taken a quick look as well, didn't know the best way to make up for the difference in input variables and the returned ID string in the response. Curious what the way to go is in the AWS provider for such situations!