terraform-aws-modules / terraform-aws-iam

Terraform module to create AWS IAM resources 🇺🇦
https://registry.terraform.io/modules/terraform-aws-modules/iam/aws
Apache License 2.0

feat: Add support for inline policy creation #479

Closed fatmcgav closed 2 months ago

fatmcgav commented 4 months ago

Description

This commit adds support for creating an inline policy for an IAM role to the iam-assumable-role-with-oidc and iam-assumable-role modules.

Also updated examples for these modules.

Motivation and Context

Allows creation of an IAM role with an inline policy.

Breaking Changes

None

How Has This Been Tested?

fatmcgav commented 4 months ago

@bryantbiggs Any chance of a review on this one? 😎

fatmcgav commented 3 months ago

@bryantbiggs / @antonbabenko Any chance of a review on this one? 👍

github-actions[bot] commented 2 months ago

This PR has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this PR will be closed in 10 days

maor-paz-hs commented 2 months ago

bump

bryantbiggs commented 2 months ago

why are we creating examples that look like users should be using https://github.com/terraform-aws-modules/terraform-aws-iam/tree/master/modules/iam-role-for-service-accounts-eks ?

fatmcgav commented 2 months ago

why are we creating examples that look like users should be using https://github.com/terraform-aws-modules/terraform-aws-iam/tree/master/modules/iam-role-for-service-accounts-eks ?

So for my use case, I needed to be able to add an inline policy to a role that's assumed by a 3rd party service, not by EKS...

bryantbiggs commented 2 months ago

that doesn't really explain why the examples added are IRSA related?

fatmcgav commented 2 months ago

that doesn't really explain why the examples added are IRSA related?

Ah, ok... that was probably a poor copy'n'paste on my part... Will re-work to show a CircleCI related example...

bryantbiggs commented 2 months ago

thank you - it doesn't have to fully function, you can make up OIDC provider details just to demonstrate the point (i.e. - we don't test whether the authentication flow between the role and the OIDC provider works correctly)

and the implementation is currently quite lacking - here is a reference that is closer to what we could support https://github.com/terraform-aws-modules/terraform-aws-eks/pull/3087

fatmcgav commented 2 months ago

and the implementation is currently quite lacking - here is a reference that is closer to what we could support terraform-aws-modules/terraform-aws-eks#3087

Nice... I'll replicate here 👍

fatmcgav commented 2 months ago

Right, I've pushed a couple of updates based on the changes from https://github.com/terraform-aws-modules/terraform-aws-eks/pull/3087 and also tweaked the oidc examples to reference CircleCI.

@bryantbiggs Let me know what you think 👍

antonbabenko commented 2 months ago

This PR is included in version 5.40.0 :tada:

github-actions[bot] commented 1 month ago

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.