aws-actions/configure-aws-credentials
1
0
Fork 0
mirror of synced 2026-06-05 19:25:14 +00:00
Code Issues Projects Releases Packages Wiki Activity

include a role condition test for AUD in sample CFN template

Browse source
This commit is contained in:
russ 2022-11-03 10:45:32 +11:00
commit 85ec61b5fe
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
README.md
View file

@ -149,6 +149,10 @@ Parameters:
Description: Arn for the GitHub OIDC Provider. Description: Arn for the GitHub OIDC Provider.
Default: "" Default: ""
Type: String Type: String
OIDCAudience:
Description: Audience supplied to configure-aws-credentials.
Default: "sts.amazonaws.com"
Type: String
Conditions: Conditions:
CreateOIDCProvider: !Equals CreateOIDCProvider: !Equals
@ -169,6 +173,8 @@ Resources:
- !Ref GithubOidc - !Ref GithubOidc
- !Ref OIDCProviderArn - !Ref OIDCProviderArn
Condition: Condition:
StringEquals:
token.actions.githubusercontent.com:aud: !Ref OIDCAudience
StringLike: StringLike:
token.actions.githubusercontent.com:sub: !Sub repo:${GitHubOrg}/${RepositoryName}:* token.actions.githubusercontent.com:sub: !Sub repo:${GitHubOrg}/${RepositoryName}:*