Skip to content

Commit

Permalink
updated the default issuer of kubernetes to kubernetes/serviceaccount
Browse files Browse the repository at this point in the history
  • Loading branch information
@petersin0422
petersin0422 committed Aug 3, 2022
1 parent 2789796 commit 2d93931
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -363,7 +363,7 @@ module "oidc_auth_method" {

A Kubernetes service account JWT token that allow Vault to validate incoming authentication request with Kubernetes. Please refer to [this doc][kube-reviewer-jwt] for more information.

- (string) **`issuer = "kubernetes.io/serviceaccount"`** _[since v0.0.1]_
- (string) **`issuer = "kubernetes/serviceaccount"`** _[since v0.0.1]_

The issuer of the `token_reviewer_jwt` token. Please refer to [this doc][kube-issuer] for more information.

Expand Down
2 changes: 1 addition & 1 deletion kubernetes-auth-backend.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,5 +27,5 @@ resource "vault_kubernetes_auth_backend_config" "kubernetes_auth_backend_config"
kubernetes_host = var.kubernetes_config.host
kubernetes_ca_cert = var.kubernetes_config.ca_certificate
token_reviewer_jwt = var.kubernetes_config.token_reviewer_jwt
issuer = var.kubernetes_config.issuer != null ? var.kubernetes_config.issuer : "kubernetes.io/serviceaccount"
issuer = var.kubernetes_config.issuer != null ? var.kubernetes_config.issuer : "kubernetes/serviceaccount"
}

0 comments on commit 2d93931

Please sign in to comment.