pvcy / enterprise-install

Set up the Privacy Dynamics software stack on a variety of Cloud Prem scenarios, including AWS, GKE, etc.

EKS: Automatically associate OIDC provider #22

Open michael-chambers opened 2 months ago

michael-chambers commented 2 months ago

Our current Terraform asks for the URL of an OIDC provider that is already associated with the cluster. Our most common use-case is to associate the OIDC provider AWS creates along with the cluster and then use that for IRSA. We should be able to do that association in the iamserviceaccounts module by declaring an aws_eks_cluster data source, then creating an aws_iam_openid_connect_provider resource that refers to the identity attribute from the cluster data source.

michael-chambers commented 2 months ago

Do I need to do some equivalent of this for Azure? GCP?
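
The association proposed in the first comment, sketched as an added Terraform example (not code from the enterprise-install repository or its iamserviceaccounts module). Variable, local and resource names are hypothetical, and it assumes the hashicorp/aws and hashicorp/tls providers are configured; the trust policy at the end goes one step further than the issue text to show how the provider is then scoped to a single service account for IRSA.

```hcl
# Added example; all variable, local and resource names are hypothetical.
variable "cluster_name" { type = string }
variable "namespace" { type = string }
variable "service_account" { type = string }

# Look up the existing cluster to read the OIDC issuer AWS created with it.
data "aws_eks_cluster" "this" {
  name = var.cluster_name
}

locals {
  issuer_url  = data.aws_eks_cluster.this.identity[0].oidc[0].issuer
  issuer_host = replace(local.issuer_url, "https://", "") # IAM condition keys omit the scheme
}

# Fetch the issuer's certificate chain so IAM can pin its thumbprint.
data "tls_certificate" "oidc" {
  url = local.issuer_url
}

# Associate the cluster's OIDC issuer with IAM as an identity provider.
resource "aws_iam_openid_connect_provider" "eks" {
  url             = local.issuer_url
  client_id_list  = ["sts.amazonaws.com"]
  thumbprint_list = [data.tls_certificate.oidc.certificates[0].sha1_fingerprint]
}

# Trust policy for an IRSA role. Without the "sub" condition, any service
# account in the cluster could assume the role through this provider.
data "aws_iam_policy_document" "irsa_trust" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRoleWithWebIdentity"]
    principals {
      type        = "Federated"
      identifiers = [aws_iam_openid_connect_provider.eks.arn]
    }
    condition {
      test     = "StringEquals"
      variable = "${local.issuer_host}:sub"
      values   = ["system:serviceaccount:${var.namespace}:${var.service_account}"]
    }
    condition {
      test     = "StringEquals"
      variable = "${local.issuer_host}:aud"
      values   = ["sts.amazonaws.com"]
    }
  }
}
```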