mthoretton
commented
3 years ago "as long as the issuer URL is publicly available." Actually this part is kind of blocking for us, so we'll keep kube-oidc-proxy.
Maybe it's worth updating the README to mention EKS support public OIDC compatible identity providers 🤷
IIRC this is actually possible for some months now. Maybe it was simply not officaily supported until now.
https://github.com/aws/containers-roadmap/issues/166#issuecomment-778519901
I will try ASAP and update if it works. If so, that means
kube-oidc-proxyshould not be needed anynore for EKS 🎉 Even though it's a great tool and it's been working perfectly for months it would be nice to remove a layer from k8s stack 😅