Description
Is your feature request related to a problem? Please describe.
Currently, the logic for creating the IAM role for Atlantis is located in the iam/ directory. According to the documentation, this directory must be applied before creating the EKS cluster. However, the Atlantis role requires the oidc_provider variable to be set in template.tfvars, which depends on the EKS cluster being already created (oidc_provider = "oidc.eks.<REGION>.amazonaws.com/id/<AWS_OIDC_ID>"). This creates a circular dependency where the role cannot be created before the cluster.
Describe the solution you'd like
Move the creation logic for the Atlantis IAM role from iam/ to the eks/ directory, alongside the EKS cluster and other IAM roles that depend on oidc_provider.
Describe alternatives you've considered
As an alternative, the Atlantis IAM role could remain in the iam/ directory if there were a mechanism to generate or retrieve the oidc_provider value before EKS cluster creation. However, this adds unnecessary c
Additional context
Placing the Atlantis IAM role creation in the eks/ directory will align it with the other OIDC-dependent resources and simplify the deployment flow.
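A sketch of what the role could look like once it lives in eks/, added here as an illustration and not taken from the project's code. It derives the OIDC provider from the cluster resource instead of reading it from template.tfvars, which removes the ordering problem. The resource name `aws_eks_cluster.this`, the role name, and the `atlantis` namespace and service account are assumptions.

```hcl
# Added example, not the project's own code.
# Assumption: the cluster is defined in eks/ as aws_eks_cluster.this and its
# IAM OIDC provider is registered in the same account.

data "aws_caller_identity" "current" {}

locals {
  # Issuer without the scheme, i.e. the value template.tfvars expects today:
  # oidc.eks.<REGION>.amazonaws.com/id/<AWS_OIDC_ID>
  oidc_provider = replace(aws_eks_cluster.this.identity[0].oidc[0].issuer, "https://", "")
}

data "aws_iam_policy_document" "atlantis_assume" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRoleWithWebIdentity"]

    principals {
      type        = "Federated"
      identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:oidc-provider/${local.oidc_provider}"]
    }

    # Restrict the trust to one service account (assumed namespace/name),
    # so other pods in the cluster cannot assume the Atlantis role.
    condition {
      test     = "StringEquals"
      variable = "${local.oidc_provider}:sub"
      values   = ["system:serviceaccount:atlantis:atlantis"]
    }

    # Only accept tokens issued for STS.
    condition {
      test     = "StringEquals"
      variable = "${local.oidc_provider}:aud"
      values   = ["sts.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "atlantis" {
  name               = "atlantis" # assumed role name
  assume_role_policy = data.aws_iam_policy_document.atlantis_assume.json
}
```

Because the role references the cluster resource directly, Terraform orders the role after the cluster within a single apply of eks/.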