Add tokenreviews permissions

charts/eks-pod-identity-agent/templates/serviceaccount.yaml

@@ -20,6 +20,11 @@ rules:
   resources: ["serviceaccounts"]
   verbs: {{ .Values.irsa.cluster_role.permissions.serviceaccounts.verbs }}
 {{- end }}
+{{- if .Values.irsa.cluster_role.permissions.tokenreviews.verbs }}
+- apiGroups: [""]
+  resources: ["tokenreviews"]
+  verbs: {{ .Values.irsa.cluster_role.permissions.tokenreviews.verbs }}
+{{- end }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding

charts/eks-pod-identity-agent/values.yaml

@@ -107,3 +107,5 @@ irsa:
     permissions:
       serviceaccounts:
         verbs: ["get"]
+      tokenreviews:
+        verbs: ["create"]