File tree Expand file tree Collapse file tree 2 files changed +7
-5
lines changed
terragrunt/org_account/sentinel_oidc Expand file tree Collapse file tree 2 files changed +7
-5
lines changed Original file line number Diff line number Diff line change @@ -8,7 +8,7 @@ resource "aws_iam_role" "sentinel_oidc" {
88 Action = " sts:AssumeRoleWithWebIdentity"
99 Condition = {
1010 StringEquals = {
11- " ${local.url}:aud" = local.azure_client_id
11+ " ${local.url}:aud" = [ local.azure_client_id, local.azure_client_id_cds_snc_la]
1212 }
1313 }
1414 Effect = " Allow"
Original file line number Diff line number Diff line change 11locals {
2- azure_tenet_id = " 221ca1d3-b3f2-4346-8abc-88f802495c7d"
3- azure_client_id = " c8b9cf86-e2b4-4428-b356-14313412a4d1"
4- url = " sts.windows.net/${ local . azure_tenet_id } /"
5- url_https = " https://${ local . url } "
2+ azure_tenant_id = " 221ca1d3-b3f2-4346-8abc-88f802495c7d"
3+ azure_client_id = " c8b9cf86-e2b4-4428-b356-14313412a4d1"
4+ azure_client_id_cds_snc_la = " 50a00e76-8dcf-4c54-b8b1-94f67e340960"
5+ url = " sts.windows.net/${ local . azure_tenant_id } /"
6+ url_https = " https://${ local . url } "
67}
78
89data "tls_certificate" "thumprint" {
@@ -13,6 +14,7 @@ data "tls_certificate" "thumprint" {
1314resource "aws_iam_openid_connect_provider" "azure" {
1415 client_id_list =
1516 local . azure_client_id ,
17+ local . azure_client_id_cds_snc_la ,
1618 ]
1719 thumbprint_list =
1820 data . tls_certificate . thumprint . certificates . 0 . sha1_fingerprint ,
You can’t perform that action at this time.
0 commit comments