Add the OIDC provider ARN to outputs (#653)

Author: eytanhanig

CHANGELOG.md

@@ -23,6 +23,7 @@ project adheres to [Semantic Versioning](http://semver.org/).
 - Fix aws-auth config map for managed node groups (by @wbertelsen)
 - Added support to create IAM OpenID Connect Identity Provider to enable EKS Identity Roles for Service Accounts (IRSA). (by @alaa)
 - Adding node group iam role arns to outputs. (by @mukgupta)
+- Added the OIDC Provider ARN to outputs. (by @eytanhanig)
 - **Breaking:** Change logic of security group whitelisting. Will always whitelist worker security group on control plane security group either provide one or create new one. See Important notes below for upgrade notes (by @ryanooi)
 
 #### Important notes

README.md

@@ -219,6 +219,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | kubeconfig | kubectl config file contents for this EKS cluster. |
 | kubeconfig\_filename | The filename of the generated kubectl config. |
 | node\_groups\_iam\_role\_arns | IAM role ARNs for EKS node groups |
+| oidc\_provider\_arn | The ARN of the OIDC Provider if `enable_irsa = true`. |
 | worker\_autoscaling\_policy\_arn | ARN of the worker autoscaling IAM policy if `manage_worker_autoscaling_policy = true` |
 | worker\_autoscaling\_policy\_name | Name of the worker autoscaling IAM policy if `manage_worker_autoscaling_policy = true` |
 | worker\_iam\_instance\_profile\_arns | default IAM instance profile ARN for EKS worker groups |

outputs.tf

@@ -63,6 +63,11 @@ output "kubeconfig_filename" {
   value       = concat(local_file.kubeconfig.*.filename, [""])[0]
 }
 
+output "oidc_provider_arn" {
+  description = "The ARN of the OIDC Provider if `enable_irsa = true`."
+  value       = var.enable_irsa ? aws_iam_openid_connect_provider.oidc_provider[0].arn : null
+}
+
 output "workers_asg_arns" {
   description = "IDs of the autoscaling groups containing workers."
   value = concat(