Closed rfairburn closed 2 months ago
Hey @lukeheath, it looks we we have an open PR for this request: https://github.com/fleetdm/fleet/pull/18901
I moved this request off the feature fest board to the #g-customer-success board.
Please feel free to move it if that's not the right place.
@rfairburn We're moving this ticket to the Customer Success board so you can track it there since there is already a PR in review.
ExternalId brings peace, Secure in the cloud city, Fleet's role now increased.
Problem
As a user of Fleet cloud, I would like to be able to provide an ExternalId as part of the assume role process.
Fleet currently supports assuming roles for cross-account data delivery to sources such as Firehose, but does not currently allow specifying an ExternalId as part of the assume role request.
See the following links for more information: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html
The aws sdk for go Fleet uses already supports this, we would just need to pass in the parameter. See: https://docs.aws.amazon.com/sdk-for-go/api/service/sts/
Potential solutions