add inputs executionRoleArn and taskRoleArn

aws-actions / amazon-ecs-render-task-definition

Inserts a container image URI into an Amazon ECS task definition JSON file.

MIT License

261 stars 142 forks source link

add inputs executionRoleArn and taskRoleArn #183

Open hblab-ngocnd opened 1 year ago

hblab-ngocnd commented 1 year ago

for security reason, want add input executionRoleArn and taskRoleArn for task definition

bert2002 commented 1 year ago

You can simply do this by adding it to the task-definition . E.g.

  "TaskDefinition": {
    "executionRoleArn": "arn:aws:iam::<id>:role/<name>",
    "containerDefinitions": [
      {
...

hblab-ngocnd commented 1 year ago

@bert2002 But that not good for security because that show Arn Role for viewer. It is better If input has options for set role from secret key by input

https://github.com/aws-actions/amazon-ecs-render-task-definition/blob/74bfbc88d5d3a3c237d9b643ed1b18546483b89e/action.yml#L6-L18

dangeReis commented 1 month ago

I agree, hardcoding the parameters in the task-definition is not useful. Can we prioritize this feature request?