Open grosser opened 4 years ago
I'm hitting this issue too, and found it surprising, because i thought that was exactly what --base-role-arn
was supposed to be used for. What is the use case for --base-role-arn
if you can't use it to, you know, change the base?
We run multiple clusters in a single account, so we prefix all roles with that clusters name. Being able to reuse the same
iam.amazonaws.com/role
annotation for all clusters would be 1 less configuration users can get wrong. Atm--base-role-arn=arn:aws:iam::1234:role/cluster-foo-
+iam.amazonaws.com/role: bar
is expanded toarn:aws:iam::1234:role/cluster-foo-/bar
which does not work :(Please either allow an option to not add that extra
/
or even better: do not add that extra/
by default.I can try making a PR for either of these solutions if they make sense.
/cc @uthark