fix: Properly configure fully qualified audiences

amontalban commented 2 months ago

Description

This PR configures properly the policy to use StringEquals when using fully qualified audiences and uses StringLike when using newly added var for wildcards oidc_audiences_with_wildcards.

Motivation and Context

This should do what the user is expecting (Configuring exact audiences), although the StringLike works it might not be the user's expectation.

Breaking Changes

This is a breaking change for people that could have configured wildcards using oidc_fully_qualified_audiences variable as it will now configure StringEquals as conditional.

How Has This Been Tested?

[X] I have updated at least one of the examples/* to demonstrate and validate my change(s)
[x] I have tested and validated these changes using one or more of the provided examples/* projects
[X] I have executed pre-commit run -a on my pull request

github-actions[bot] commented 1 month ago

This PR has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this PR will be closed in 10 days

github-actions[bot] commented 3 weeks ago

This PR has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this PR will be closed in 10 days

github-actions[bot] commented 1 week ago

This PR was automatically closed because of stale in 10 days

terraform-aws-modules / terraform-aws-iam