falcosecurity / test-infra

Falco workflow & testing infrastructure
https://prow.falco.org
Apache License 2.0
31 stars 109 forks

fix(clusters/iam): set correct oidc subject for prs #1433

Closed maxgio92 closed 7 months ago

maxgio92 commented 7 months ago

As per the official GitHub documentation, the OIDC subject for pull requests needs to be updated on the AWS side to allow GitHub Actions to assume the AWS IAM role needed to read resources during Terraform Plan.

For example, when the authentication is made during a workflow triggered by a pull request, the subject is structured as below: `repo:<orgName/repoName>:pull_request`
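Added example, not part of this pull request or the project's Terraform code: a small evaluator showing how an IAM trust policy condition on the GitHub OIDC `sub` claim accepts or rejects a workflow token depending on the triggering event. The repository name, account ID and the branch-only "before" policy are constructed assumptions; only the `repo:<orgName/repoName>:pull_request` subject format comes from the comment above.

```python
import re

PROVIDER = "token.actions.githubusercontent.com"
REPO = "example-org/example-repo"  # placeholder, not the project's real value

def _like(pattern, value):
    """IAM StringLike semantics: '*' = any run, '?' = one char, case-sensitive."""
    rx = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(rx, value, re.DOTALL) is not None

OPERATORS = {"StringEquals": lambda p, v: p == v, "StringLike": _like}

def statement_allows(stmt, claims):
    """True if an Allow statement's conditions all accept the token claims."""
    if stmt.get("Effect") != "Allow":
        return False
    for op, conditions in stmt.get("Condition", {}).items():
        if op not in OPERATORS:
            raise ValueError(f"operator not modelled here: {op}")
        for key, patterns in conditions.items():
            claim = claims.get(key.rsplit(":", 1)[-1])  # "<provider>:sub" -> "sub"
            patterns = [patterns] if isinstance(patterns, str) else patterns
            if claim is None or not any(OPERATORS[op](p, claim) for p in patterns):
                return False
    return True

def trust_policy_allows(policy, claims):
    return any(statement_allows(s, claims) for s in policy["Statement"])

def trust_policy(subject):
    """Constructed trust policy for a role assumed through GitHub's OIDC provider."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Principal": {"Federated": f"arn:aws:iam::111122223333:oidc-provider/{PROVIDER}"},
        "Condition": {"StringEquals": {f"{PROVIDER}:aud": "sts.amazonaws.com",
                                       f"{PROVIDER}:sub": subject}},
    }]}

# Constructed claims as they appear in the workflow's OIDC token.
PR_CLAIMS = {"aud": "sts.amazonaws.com", "sub": f"repo:{REPO}:pull_request"}
PUSH_CLAIMS = {"aud": "sts.amazonaws.com", "sub": f"repo:{REPO}:ref:refs/heads/master"}

BRANCH_ONLY = trust_policy(f"repo:{REPO}:ref:refs/heads/master")  # assumed "before"
PR_SUBJECT = trust_policy(f"repo:{REPO}:pull_request")            # subject format from the PR text

if __name__ == "__main__":
    for name, policy in (("branch-only", BRANCH_ONLY), ("pull_request", PR_SUBJECT)):
        for event, claims in (("pull_request", PR_CLAIMS), ("push", PUSH_CLAIMS)):
            print(f"{name:13} policy, {event:12} token -> {trust_policy_allows(policy, claims)}")
```

The `pull_request` subject carries no branch or ref, so a policy matching it accepts every pull-request-triggered run in that repository, which fits a role limited to reading resources for Terraform Plan.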

maxgio92 commented 7 months ago

@FedeDP PTAL

poiana commented 7 months ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: FedeDP, maxgio92

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

- ~~[config/OWNERS](https://github.com/falcosecurity/test-infra/blob/master/config/OWNERS)~~ [FedeDP,maxgio92]

Approvers can indicate their approval by writing `/approve` in a comment

Approvers can cancel approval by writing `/approve cancel` in a comment