Skip to content

v1.1.0

Choose a tag to compare

View all tags
@cloudposse-releaser cloudposse-releaser released this 14 Aug 15:13
· 5 commits to main since this release
v1.1.0
6b3f5f4
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
port #137 - feat: add possibiblity to use AWS IAM roles for service accounts @goruha (#209) Port of #137

what

  • To allow usage of AWS IRSA the assume role policy of the created IAM role needs to be adapted, therefore an additional (and optional) statement for the sts:AssumeRoleWithWebIdentity action was added
  • To decouple sts:AssumeRole for the Service and the AWS principal types all statements have been split into separate blocks

why

  • To allow usage of AWS IAM roles inside of EKS AWS
  • more secure than handling AWS access keys and secrets

references

Contributors

goruha
Assets 2
Loading