From 56e436441a2064ddfba6db379993127937aa7f28 Mon Sep 17 00:00:00 2001
From: TomasKohout <tomas.kohout1995@gmail.com>
Date: Mon, 5 Aug 2024 15:11:02 +0200
Subject: [PATCH] feat: Allow changing iss for the github oidc role (#507)

Signed-off-by: Tomas Kohout <tomas.kohout@merck.com>
Co-authored-by: Tomas Kohout <tomas.kohout@merck.com>
---
 modules/iam-github-oidc-role/main.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/iam-github-oidc-role/main.tf b/modules/iam-github-oidc-role/main.tf
index a2cd2905..5f63dcdd 100644
--- a/modules/iam-github-oidc-role/main.tf
+++ b/modules/iam-github-oidc-role/main.tf
@@ -31,8 +31,8 @@ data "aws_iam_policy_document" "this" {
 
     condition {
       test     = "ForAllValues:StringEquals"
-      variable = "token.actions.githubusercontent.com:iss"
-      values   = ["https://token.actions.githubusercontent.com"]
+      variable = "${local.provider_url}:iss"
+      values   = ["https://${local.provider_url}"]
     }
 
     condition {