aws-cdk-github-oidc icon indicating copy to clipboard operation
aws-cdk-github-oidc copied to clipboard

Published 20 hours ago verified publisher icon aripalo

Feature: allow setting an array of filters (subjects)

Open moltar opened this issue 1 year ago • 1 comments

Currently, it is only possible to set one filter per role.

https://github.com/aripalo/aws-cdk-github-oidc/blob/53de62a59834455b89f9a567468233daf710e5b9/src/role.ts#L163-L166

However I believe it is possible to support an array of filters, like so:

      "Condition": {
        "ForAnyValue:StringLike": {
          "token.actions.githubusercontent.com:sub": [
            "repo:myorg/myrepo:ref:refs/heads/test-branch-1",
            "repo:myorg/myrepo:ref:refs/heads/test-branch-2"
          ]
        }

(not actually tested, source)

moltar avatar Sep 16 '23 00:09 moltar

I opened https://github.com/aripalo/aws-cdk-github-oidc/pull/41 with a proposed API

blimmer avatar Nov 11 '23 00:11 blimmer