Closed roleyfoley closed 3 years ago
When running a command in AWS and the assume role action has failed for some reason an error should be returned if you are in the wrong account
If the assume role fails the command falls back to running from the default profile. This results in deployments to your default profile
Use https://docs.aws.amazon.com/cli/latest/reference/sts/get-caller-identity.html to confirm that the role used before the deployment is in the right account
This would prevent deployments running in random accounts when they don't need to.
Now implemented
Expected Behaviour
When running a command in AWS and the assume role action has failed for some reason an error should be returned if you are in the wrong account
Current Behaviour
If the assume role fails the command falls back to running from the default profile. This results in deployments to your default profile
Possible Solution
Use https://docs.aws.amazon.com/cli/latest/reference/sts/get-caller-identity.html to confirm that the role used before the deployment is in the right account
Context
This would prevent deployments running in random accounts when they don't need to.