Check for OIDC prov before creation in EKS sol
Brandon-Kimberly committed Jun 27, 2024
1 parent 75d3435 commit 7a58d3a
Showing 1 changed file with 9 additions and 6 deletions.
Expand Up @@ -19,13 +19,14 @@ export default class ExistingEksOpenSourceobservabilityPattern {
const region = process.env.COA_AWS_REGION! || process.env.CDK_DEFAULT_REGION!;

const amgEndpointUrl = process.env.AMG_ENDPOINT || "";
const sdkCluster = await blueprints.describeCluster(clusterName, region); // get cluster information using EKS APIs
const vpcId = sdkCluster.resourcesVpcConfig?.vpcId;

const ampWorkspaceArn = process.env.AMP_WS_ARN || "";

validateInput(account, region, clusterName, amgEndpointUrl, ampWorkspaceArn)

const sdkCluster = await blueprints.describeCluster(clusterName, region); // get cluster information using EKS APIs
const vpcId = sdkCluster.resourcesVpcConfig?.vpcId;

const ampEndpoint = getAmpWorkspaceEndpointFromArn(ampWorkspaceArn);

const clusterRoleName = "EKS_Obs_" + clusterName;
Expand Down Expand Up @@ -88,10 +89,12 @@ export default class ExistingEksOpenSourceobservabilityPattern {

const stack = obs.getClusterInfo().cluster.stack;

new iam.OpenIdConnectProvider(stack, 'OIDCProvider', {
url: sdkCluster.identity!.oidc!.issuer!,
clientIds: ['sts.amazonaws.com'],
});
if (!sdkCluster.identity?.oidc) {
new iam.OpenIdConnectProvider(stack, 'OIDCProvider', {
url: sdkCluster.identity!.oidc!.issuer!,
clientIds: ['sts.amazonaws.com'],
});
}

const clusterRole = new iam.Role(stack, 'ClusterAdminRole', {
assumedBy: new iam.CompositePrincipal(
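Review bot: The new guard `if (!sdkCluster.identity?.oidc)` is inverted relative to its body: the branch runs only when `identity` or `oidc` is missing, and then `sdkCluster.identity!.oidc!.issuer!` dereferences exactly that missing value, so it would throw at runtime (the `!` assertions only silence the compiler). The field also appears to come from the EKS describe-cluster response, which reports the cluster's issuer URL and not whether an IAM OIDC provider for that issuer is registered in the account; if so, the provider is never created for a normal cluster, and any role in this stack that trusts it for web-identity federation will not be assumable. Key the check on the IAM side instead: look up the account's existing providers for the issuer before synthesis and import a match with `iam.OpenIdConnectProvider.fromOpenIdConnectProviderArn(...)`, creating one only when none exists, and add a comment such as `// IAM OIDC provider is per account and issuer; reuse it if already registered`. The enclosing method starts and ends outside this hunk, so how the provider is consumed later is not visible here.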
