You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I want to add the capacity to SPA to give temporary credential for sandbox user in order to use automation in CI/CD like Github actions or Gitlab CI
Why is this important?
It is important to easily manage temporary admin credential in CI/CD to avoid credential spreading and to be as near as possible as production best practices
How to implement it?
Create a lambda function to receive a JWT, this lambda should :
validate the JWT (based on a well known JWS (RFC https://www.rfc-editor.org/rfc/rfc7800.html ?). We need to be able to use it online but also offline (ex for non publicly exposed CI/CD)
use the email to select the correct target AWS account inside Organization
return a temporary "admin" creds (AccessKey, SecretKey, SessionToken) in a json format in order to be used by the CI/CD
Store the JKS for offline purpose in AWS SSM
The text was updated successfully, but these errors were encountered:
What is this?
I want to add the capacity to SPA to give temporary credential for sandbox user in order to use automation in CI/CD like Github actions or Gitlab CI
Why is this important?
It is important to easily manage temporary admin credential in CI/CD to avoid credential spreading and to be as near as possible as production best practices
How to implement it?
Create a lambda function to receive a JWT, this lambda should :
Store the JKS for offline purpose in AWS SSM
The text was updated successfully, but these errors were encountered: