Skip to content
This repository has been archived by the owner on Sep 27, 2024. It is now read-only.

Commit

Permalink
actually fix namespace var syntax this time (#37)
Browse files Browse the repository at this point in the history
  • Loading branch information
@markhv-code
markhv-code authored Nov 29, 2023
1 parent afc69eb commit e5771dd
Showing 1 changed file with 2 additions and 7 deletions.
9 changes: 2 additions & 7 deletions role/main.tf
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,5 @@
data "aws_caller_identity" "current" {}

variable "namespace" {
type = string
default = "${var.NameSpace != null ? var.NameSpace : var.GroupName}"
}

# ROLES
resource "aws_iam_role" "api-service-role" {
name = "${var.GroupName}-api-service-role"
Expand All @@ -27,7 +22,7 @@ resource "aws_iam_role" "api-service-role" {
"Condition": {
"StringEquals": {
"oidc.eks.us-east-1.amazonaws.com/id/${var.OIDCProviderID}:aud": "sts.amazonaws.com",
"oidc.eks.us-east-1.amazonaws.com/id/${var.OIDCProviderID}:sub": "system:serviceaccount:${var.namespace}:${var.GroupName}-api-service-account"
"oidc.eks.us-east-1.amazonaws.com/id/${var.OIDCProviderID}:sub": "system:serviceaccount:${var.NameSpace != null ? var.NameSpace : var.GroupName}:${var.GroupName}-api-service-account"
}
}
}]
Expand Down Expand Up @@ -56,7 +51,7 @@ resource "aws_iam_role" "job-scheduler-service-role" {
"Condition": {
"StringEquals": {
"oidc.eks.us-east-1.amazonaws.com/id/${var.OIDCProviderID}:aud": "sts.amazonaws.com",
"oidc.eks.us-east-1.amazonaws.com/id/${var.OIDCProviderID}:sub": "system:serviceaccount:${var.namespace}:${var.GroupName}-job-scheduler-service-account"
"oidc.eks.us-east-1.amazonaws.com/id/${var.OIDCProviderID}:sub": "system:serviceaccount:${var.NameSpace != null ? var.NameSpace : var.GroupName}:${var.GroupName}-job-scheduler-service-account"
}
}
}]
Expand Down

0 comments on commit e5771dd

Please sign in to comment.