Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Recommending using OIDC #871

Merged
merged 4 commits into from
Sep 29, 2023
Merged

feat: Recommending using OIDC #871

merged 4 commits into from
Sep 29, 2023

Conversation

jplock
Copy link
Contributor

@jplock jplock commented Sep 29, 2023

Issue #, if available: N/A

Description of changes: We should recommend that customers use OpenID Connect to authenticate instead of long-term credentials

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@jplock jplock changed the title Recommending using OIDC feat: Recommending using OIDC Sep 29, 2023
peterwoodworth
peterwoodworth suggested changes Sep 29, 2023
View reviewed changes
Copy link
Contributor

@peterwoodworth peterwoodworth left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR @jplock, this is a good warning to throw 🙂

I think this will end up throwing a warning when there are no permanent credentials being used - e.g. if you are role chaining. I think if you hide this warning behind a check for the absence of AWS_SESSION_TOKEN then we will only throw this when we want to.

Additionally, we should have this warning in our unit test coverage. At least one unit test that role-chains should explicitly not throw this warning, and at least one unit test should explicitly throw this warning with user credentials

@mergify mergify bot merged commit f31c158 into aws-actions:main Sep 29, 2023
8 checks passed
@jplock jplock deleted the jp-iam branch September 29, 2023 23:06
@jplock jplock mentioned this pull request Oct 17, 2023
Closed
23 tasks
@asinbow asinbow mentioned this pull request Oct 31, 2023
Closed
@tim-finnigan tim-finnigan mentioned this pull request Nov 21, 2023
Merged
1 task
@ponkio-o ponkio-o mentioned this pull request Feb 5, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@peterwoodworth peterwoodworth peterwoodworth approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@jplock @peterwoodworth