Closed MichaelChovanakDatavant closed 11 months ago
Hey @MichaelChovanakDatavant – thank you for this, I'm happy for this feature to go in but can we rename the variable to additional_audiences
so that it's consistent with the additional_thumbprints
variable name, and can we also always include sts.amazonaws.com
as an audience instead of putting it in the variable default? We do the same thing with thumbprints, we allow additional ones to be added but we don't allow the defaults to be overridden.
@unfunco Thanks for the feedback! I've changed it to additional_audiences
.
Excellent. Thanks! I'll get a new release out shortly!
I recently fixed an authentication issue by adding
https://github.com/<organization>
as an allowed audience in the github IAM trust relation, but I could not persist the change in terraform using this module.This change adds the ability to optionally specify
additional_audiences = ["<another_audience>", ...]
, which when omitted retains the default allowed audience of'sts.amazonaws.com'