feat: add pod identity webhook for IRSA

opzkit · Sep 7, 2022 · 6e50a12 · 6e50a12
1 parent e9c6a32
commit 6e50a12
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/k8s.tf b/k8s.tf
@@ -177,6 +177,10 @@ resource "kops_cluster" "k8s" {
     enable_rebalance_monitoring       = var.enable_rebalance_monitoring
   }
 
+  pod_identity_webhook {
+    enabled = true
+  }
+
   service_account_issuer_discovery {
     discovery_store          = var.aws_oidc_provider ? "s3://${aws_s3_bucket.issuer[0].bucket}" : null
     enable_aws_oidc_provider = var.aws_oidc_provider