EKS
Last updated
Last updated
AWS IAM identity provider needs to be configured with CA Thumbprint. More specifically, this is a SHA1 fingerprint (in lowercase and without colons) of the root CA certificate.
Thumbprint can be obtained with openssl or other tools, but there couple of shortcuts:
Oneliner from GH issue ():
kubergrunt
tool ():
kubergrunt eks oidc-thumbprint --issuer-url $ISSUER_URL
Amazon EKS Best Practices Guide for Security -