Avoid hardcoded thumbprint_list in aws_iam_openid_connect_provider #270
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…icial terraform example code: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#enabling-iam-roles-for-service-accounts Signed-off-by: Till Kuhn <till.kuhn@dbschenker.com>
…llkuhn/terraform-aws-eks into oidc-connect-provider-dyna-thumbprint
|
@Young-ook sorry, I did not know that commit signing is mandatory. I tried to "git commit amend" the previous commit in my branch, but git is giving me a hard time with the history. I think the easiest way for me is to create a fresh PR with a signed commit. I'll try now! |
|
@Young-ook See new PR #271 (same code but with signed commit), this one should work! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
With hashicorp/terraform-provider-tls#62 we can now read the fingerprints from the server certificate chain dynamically, so there's no longer a need to hardcode
thumbprint_listin theaws_iam_openid_connect_providerresource. This should make the code more compatible and robust, see also Enabling IAM Roles for Service Accounts in the official terraform documentation. Thanks for your project, it is a great source of inspiration for setting up EKS with Terraform.