Obsolete with new AWS feature ("Fine-Grained IAM Roles for Service Accounts")?

[hjacobs]

See https://aws.amazon.com/blogs/opensource/introducing-fine-grained-iam-roles-service-accounts/

Twitter thread: https://twitter.com/mhausenblas/status/1169292857108324353

OSS repo: https://github.com/aws/amazon-eks-pod-identity-webhook

[seh]

Betteridge's Law of Headlines comes to mind here. A new solution doesn't render this solution obsolete. This new solution involves a mutating admission Webhook, projected service account tokens, an OIDC provider, mating IAM roles to service accounts, and new capabilities in the AWS API. Not all existing users of this program could swallow all of that.