allow custom cluster admin arn to be set

Author: ksoviero-liscio

main.tf

@@ -156,7 +156,7 @@ locals {
   # better controlled by users through Terraform
   bootstrap_cluster_creator_admin_permissions = {
     cluster_creator = {
-      principal_arn = data.aws_iam_session_context.current.issuer_arn
+      principal_arn = var.custom_cluster_creator_admin_arn ? var.custom_cluster_creator_admin_arn : data.aws_iam_session_context.current.issuer_arn
       type          = "STANDARD"
 
       policy_associations = {

variables.tf

@@ -164,6 +164,12 @@ variable "enable_cluster_creator_admin_permissions" {
   default     = false
 }
 
+variable "custom_cluster_creator_admin_arn" {
+  description = "ARN of cluster creator to use instead of current role for access entry administrator"
+  type = string
+  default = ""
+}
+
 ################################################################################
 # KMS Key
 ################################################################################