Terraform has recently added support for aws_iam_outbound_web_identity_federation as a resource, which manages this setting on an AWS account level, but it would be useful to have a corresponding data source as well. We have plans that, for example, enable delegated OIDC access to various partners, and part of that process involves knowing the account-level OIDC issuer URL. This property is available on the existing resource, but this resource can only be referenced in a single plan per account - if you run another plan that includes it as a resource you will get an error stating that the setting has already been enabled.
This request is to create the dual of the feature introduced in https://github.com/hashicorp/terraform-provider-aws/issues/45146 - instead of managing the setting, just have a data source that returns the configured values.
aws_iam_outbound_web_identity_federation

```hcl
data "aws_iam_outbound_web_identity_federation" "main" {}

resource "otherprovider_federated_identity" "main" {
  description = "Example identity"
  scopes      = ["some_scope"]
  issuer      = data.aws_iam_outbound_web_identity_federation.main.issuer_identifier
  subject     = aws_iam_role.node.arn
}
```
The mechanism to do this exists in the Go SDK - https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/service/iam#Client.GetOutboundWebIdentityFederationInfo
No