From 6e50a12a3986e283383fcbdd1d50d6c861ec8433 Mon Sep 17 00:00:00 2001
From: Joakim Olsson <joakim@unbound.se>
Date: Wed, 7 Sep 2022 10:32:34 +0200
Subject: [PATCH] feat: add pod identity webhook for IRSA

---
 k8s.tf | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/k8s.tf b/k8s.tf
index f0c9700..9601616 100644
--- a/k8s.tf
+++ b/k8s.tf
@@ -177,6 +177,10 @@ resource "kops_cluster" "k8s" {
     enable_rebalance_monitoring       = var.enable_rebalance_monitoring
   }
 
+  pod_identity_webhook {
+    enabled = true
+  }
+
   service_account_issuer_discovery {
     discovery_store          = var.aws_oidc_provider ? "s3://${aws_s3_bucket.issuer[0].bucket}" : null
     enable_aws_oidc_provider = var.aws_oidc_provider