Closed fatmcgav closed 2 months ago
@bryantbiggs Any chance of a review on this one? π
@bryantbiggs / @antonbabenko Any chance of a review on this one? π
This PR has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this PR will be closed in 10 days
bump
why are we creating examples that look like users should be using https://github.com/terraform-aws-modules/terraform-aws-iam/tree/master/modules/iam-role-for-service-accounts-eks ?
why are we creating examples that look like users should be using https://github.com/terraform-aws-modules/terraform-aws-iam/tree/master/modules/iam-role-for-service-accounts-eks ?
So for my use case, I needed to be able to add an inline policy to a role that's assumed by a 3rd party service, not by EKS...
that doesn't really explain why the examples added are IRSA related?
that doesn't really explain why the examples added are IRSA related?
Ah, ok... that was probably a poor copy'n'paste on my part... Will re-work to show a CircleCI related example...
thank you - it doesn't have to fully function, you can make up OIDC provider details just to demonstrate the point (i.e. - we don't test whether the authentication flow between the role and the OIDC provider works correctly)
and the implementation is currently quite lacking - here is a reference that is closer to what we could support https://github.com/terraform-aws-modules/terraform-aws-eks/pull/3087
and the implementation is currently quite lacking - here is a reference that is closer to what we could support terraform-aws-modules/terraform-aws-eks#3087
Nice... I'll replicate here π
RIght, I've pushed a couple of updates based on the changes from https://github.com/terraform-aws-modules/terraform-aws-eks/pull/3087 and also tweaked the oidc examples to reference CircleCI.
@bryantbiggs Let me know what you think π
This PR is included in version 5.40.0 :tada:
I'm going to lock this pull request because it has been closed for 30 days β³. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
Description
This commit adds support for creating an inline policy for an IAM role to the
iam-assumable-role-with-oidc
andiam-assumable-role
modules.Also updated examples for these modules.
Motivation and Context
Allows creation of an IAM role with an inline policy.
Breaking Changes
None
How Has This Been Tested?
examples/*
to demonstrate and validate my change(s)examples/*
projectspre-commit run -a
on my pull request