trust-relationship.json


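# Writes the IAM role trust policy used for EKS "IAM roles for service accounts".
# The heredoc delimiter is unquoted, so the shell expands these four variables
# while writing the file:
#   account_id       AWS account that owns the IAM OIDC provider
#   oidc_provider    cluster OIDC issuer, host and path only (no https:// prefix)
#   namespace        Kubernetes namespace of the service account
#   service_account  Kubernetes service account allowed to assume the role
#
# Both conditions are what scope the role: "aud" pins the token audience to STS
# and "sub" pins it to one service account. Without the "sub" condition, any
# service account whose token is issued by this provider could assume the role.
#
# An unset variable would otherwise expand to an empty string and leave a
# malformed ARN or an empty subject in the policy, so nothing is written
# unless all four are set.
if [ -z "${account_id:-}" ] || [ -z "${oidc_provider:-}" ] ||
   [ -z "${namespace:-}" ] || [ -z "${service_account:-}" ]; then
  echo "trust-relationship.json not written: set account_id, oidc_provider, namespace and service_account first" >&2
  false
else
  cat >trust-relationship.json <<EOF
{
 "Version": "2012-10-17",
 "Statement": [
   {
     "Effect": "Allow",
     "Principal": {
       "Federated": "arn:aws:iam::$account_id:oidc-provider/$oidc_provider"
     },
     "Action": "sts:AssumeRoleWithWebIdentity",
     "Condition": {
       "StringEquals": {
         "$oidc_provider:aud": "sts.amazonaws.com",
         "$oidc_provider:sub": "system:serviceaccount:$namespace:$service_account"
       }
     }
   }
 ]
}
EOF
fi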


aws iam create-role
