it would be nice to have the ARN as well (e.g. from the same STS.GetCallerIdentity call).
Beyond providing it as an output that the calling workflow can use how it pleases, I'd also like to see the ARN output to logs by default, but I understand there are privacy/security implications to consider there.
Use Case
It's very useful to be able to expose the ARN to logs or for debugging/troubleshooting. Even this GitHub Action's README includes
aws sts get-caller-identity
in examples. :-)
Proposed Solution
No response
Other Information
No response
Acknowledgements
[X] I may be able to implement this feature request
Describe the feature
Similar to how the account id of the authenticated principal is set:
https://github.com/aws-actions/configure-aws-credentials/blob/ffc9011218e7227b402bc4cc49b703e8a3121c0f/src/helpers.ts#L57-L70
it would be nice to have the ARN as well (e.g. from the same STS.GetCallerIdentity call).
Beyond providing it as an output that the calling workflow can use how it pleases, I'd also like to see the ARN output to logs by default, but I understand there are privacy/security implications to consider there.
Use Case
It's very useful to be able to expose the ARN to logs or for debugging/troubleshooting. Even this GitHub Action's README includes
in examples. :-)
Proposed Solution
No response
Other Information
No response
Acknowledgements