Skip to content

Commit

Permalink
fix: AWS Secret manager respect pod identity overrides (kedacore#6197)
Browse files Browse the repository at this point in the history 
Signed-off-by: Jorge Turrado <[email protected]>
Signed-off-by: Jorge Turrado Ferrero <[email protected]>
Signed-off-by: Chirag Bhatia <[email protected]>
  • Loading branch information
@JorTurFer @chiragbhatia8
JorTurFer authored and chiragbhatia8 committed Jan 9, 2025
1 parent 8cdab0b commit de4da31
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,7 @@ Here is an overview of all new **experimental** features:

### Fixes

- **AWS Secret Manager**: Pod identity overrides are honored ([#6195](https://github.com/kedacore/keda/issues/6195))
- **Azure Event Hub Scaler**: Checkpointer errors are correctly handled ([#6084](https://github.com/kedacore/keda/issues/6084))
- **Metrics API Scaler**: Prometheus metrics can have multiple labels ([#6077](https://github.com/kedacore/keda/issues/6077))

Expand Down
1 change: 1 addition & 0 deletions pkg/scaling/resolver/aws_secretmanager_handler.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,7 @@ func (ash *AwsSecretManagerHandler) Initialize(ctx context.Context, client clien
return fmt.Errorf("AccessKeyID and AccessSecretKey are expected when not using a pod identity provider")
}
case kedav1alpha1.PodIdentityProviderAws:
ash.awsMetadata.UsingPodIdentity = true
if ash.secretManager.PodIdentity.IsWorkloadIdentityOwner() {
awsRoleArn, err := resolveServiceAccountAnnotation(ctx, client, podSpec.ServiceAccountName, triggerNamespace, kedav1alpha1.PodIdentityAnnotationEKS, true)
if err != nil {
Expand Down

0 comments on commit de4da31

Please sign in to comment.