feat: add possibiblity to use AWS IAM roles for service accounts

[ghost]

what

• To allow usage of AWS IRSA the assume role policy of the created IAM role needs to be adapted, therefore an additional (and optional) statement for the sts:AssumeRoleWithWebIdentity action was added
• To decouple sts:AssumeRole for the Service and the AWS principal types all statements have been split into separate blocks

why

• To allow usage of AWS IAM roles inside of EKS AWS
• more secure than handling AWS access keys and secrets

references

• IRSA
• 1
• 2

[msvechla]

Is there an update on this @goruha, can we get this merged?

[mohramadan911]

looks promising we are waiting to use this feature in our labs as well , +1 for any merging updates ?

[mergify[bot]]

Thanks @davidsomebody for creating this pull request!

A maintainer will review your changes shortly. Please don't be discouraged if it takes a while.

While you wait, make sure to review our contributor guidelines.

[!TIP]

Need help or want to ask for a PR review to be expedited?

Join us on Slack in the #pr-reviews channel.