Skip to content

Commit

Permalink
fix: AWS Secret manager respect pod identity overrides (#6197)
Browse files Browse the repository at this point in the history
Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>
Signed-off-by: Jorge Turrado Ferrero <Jorge_turrado@hotmail.es>
  • Loading branch information
JorTurFer authored Oct 2, 2024
1 parent 69a9cb9 commit caba419
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,7 @@ Here is an overview of all new **experimental** features:

### Fixes

- **AWS Secret Manager**: Pod identity overrides are honored ([#6195](https://github.com/kedacore/keda/issues/6195))
- **Azure Event Hub Scaler**: Checkpointer errors are correctly handled ([#6084](https://github.com/kedacore/keda/issues/6084))
- **Metrics API Scaler**: Prometheus metrics can have multiple labels ([#6077](https://github.com/kedacore/keda/issues/6077))

Expand Down
1 change: 1 addition & 0 deletions pkg/scaling/resolver/aws_secretmanager_handler.go
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,7 @@ func (ash *AwsSecretManagerHandler) Initialize(ctx context.Context, client clien
return fmt.Errorf("AccessKeyID and AccessSecretKey are expected when not using a pod identity provider")
}
case kedav1alpha1.PodIdentityProviderAws:
ash.awsMetadata.UsingPodIdentity = true
if ash.secretManager.PodIdentity.IsWorkloadIdentityOwner() {
awsRoleArn, err := resolveServiceAccountAnnotation(ctx, client, podSpec.ServiceAccountName, triggerNamespace, kedav1alpha1.PodIdentityAnnotationEKS, true)
if err != nil {
Expand Down

0 comments on commit caba419

Please sign in to comment.