From d45aada0bf9bc87589d3dc984c0b917599eace78 Mon Sep 17 00:00:00 2001
From: Joao C Costa <joaocc@users.noreply.github.com>
Date: Wed, 4 Oct 2023 14:24:32 +0100
Subject: [PATCH] fix: Allow `cert-manager` IAM role to assume itself (#269)

Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
---
 main.tf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/main.tf b/main.tf
index 7544883b..e0509b17 100644
--- a/main.tf
+++ b/main.tf
@@ -1927,6 +1927,7 @@ module "cert_manager" {
   role_description              = try(var.cert_manager.role_description, "IRSA for cert-manger project")
   role_policies                 = lookup(var.cert_manager, "role_policies", {})
 
+  allow_self_assume_role  = try(var.cert_manager.allow_self_assume_role, true)
   source_policy_documents = data.aws_iam_policy_document.cert_manager[*].json
   policy_statements       = lookup(var.cert_manager, "policy_statements", [])
   policy_name             = try(var.cert_manager.policy_name, null)