feat: Add variable to provide additional OIDC thumbprints#1865
Conversation
…ble and concatenate it on aws_iam_openid_connect_provider.oidc_provider.thumbprint_list
|
please update title to |
c6-fviana
changed the title
bryantbiggs
left a comment
bryantbiggs
left a comment
There was a problem hiding this comment.
@antonbabenko the title will need to be tweaked slightly (prepend feat: , but otherwise its good to go 👍🏽
c6-fviana
changed the title
c6-fviana
changed the title
|
@c6-fviana this is a new piece of functionality so the title should be as I stated above |
c6-fviana
changed the title
OK! I updated it |
|
@antonbabenko this should be ready to go as well if you get some time |
## [18.7.0](v18.6.1...v18.7.0) (2022-02-15) ### Features * Add variable to provide additional OIDC thumbprints ([#1865](#1865)) ([3fc9f2d](3fc9f2d))
|
This PR is included in version 18.7.0 🎉 |
## [18.7.0](terraform-aws-modules/terraform-aws-eks@v18.6.1...v18.7.0) (2022-02-15) ### Features * Add variable to provide additional OIDC thumbprints ([#1865](terraform-aws-modules/terraform-aws-eks#1865)) ([caf4b9b](terraform-aws-modules/terraform-aws-eks@caf4b9b))
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
3 participants
In the 17.x I was using a custom internal thumbprint for OIDC.
On new clusters provisioned by 18.x I had some problems to assume role by webIdentity due thumbprint check errors
I'm include a custom_oidc_thumbprints variable and concatenate it on aws_iam_openid_connect_provider.oidc_provider.thumbprint_list
Description
It allow us to include additional CA thumbprints for Identity Providers
Motivation and Context
Nowadays we have to use custom CA to allow access on remote endpoints our workloads doesn't working
Breaking Changes
There is no breaking changes
How Has This Been Tested?
I tested this feature setting a new thumbprint and as expected the new item was included on thumbprint list.
Was possible to see the chages on AWS Console in IAM > Identity Providers > $PROVIDER > Thumbprints