aws-cdk-github-oidc
aws-cdk-github-oidc copied to clipboard
aripalo
CDK constructs to use OpenID Connect for authenticating your Github Action workflow with AWS IAM
This PR introduces a new API that allows passing multiple subjects via the `trustedRepositories` property. Fixes #35
Currently, it is only possible to set one filter per role. https://github.com/aripalo/aws-cdk-github-oidc/blob/53de62a59834455b89f9a567468233daf710e5b9/src/role.ts#L163-L166 However I believe it is possible to support an array of filters, like so: ```json "Condition": { "ForAnyValue:StringLike":...
It seems that the library does not support other partitions than the different one. I have an implementation for this and I will open a PR soon.
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.22.8 to 7.23.2. Release notes Sourced from @babel/traverse's releases. v7.23.2 (2023-10-11) NOTE: This release also re-publishes @babel/core, even if it does not appear in the linked release...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
This PR uses jsii-struct-builder to produce your `RoleProps` with `assumedBy` omitted. Fixes #36
You can use https://github.com/mrgrain/jsii-struct-builder to produce your `Partial` based on `RoleProps`: https://github.com/aripalo/aws-cdk-github-oidc/blob/main/src/iam-role-props.ts You can see an example here: https://github.com/blimmer/cdk-static-wordpress/blob/372b42e9c9c3eb1bfde8c61afbded0188ca08d6c/.projenrc.ts#L66-L92
When making a role like so ``` const githubActionsRole = new GithubActionsRole(this, roleName, { roleName: roleName, provider, owner: 'f', repo: 'catalog', filter: 'ref:refs/heads/main' }) ``` it makes a policy like...
