Skip to content

Instantly share code, notes, and snippets.

@Jeffwan
Created February 7, 2020 23:02
Show Gist options
  • Save Jeffwan/616d400d8b9f89017b46216634485c03 to your computer and use it in GitHub Desktop.
Save Jeffwan/616d400d8b9f89017b46216634485c03 to your computer and use it in GitHub Desktop.
assumeRolePolicyDocument := []byte(
`{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Federated": "$(roleArn)"
},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringEquals": {
"$(oidcProvider):aud": "sts.amazonaws.com",
"$(oidcProvider):sub": "system:serviceaccount:$(namespace):$(ksa)"
}
}
}
]
}`)
assumeRolePolicyDocument = bytes.Replace(assumeRolePolicyDocument, []byte("$(roleArn)"), []byte(oidcProviderArn), -1)
assumeRolePolicyDocument = bytes.Replace(assumeRolePolicyDocument, []byte("$(oidcProvider)"), []byte(issuerUrlWithProtocol), -1)
assumeRolePolicyDocument = bytes.Replace(assumeRolePolicyDocument, []byte("$(namespace)"), []byte(namespace), -1)
assumeRolePolicyDocument = bytes.Replace(assumeRolePolicyDocument, []byte("$(ksa)"), []byte(ksa), -1)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment