Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add option to specify a custom STS endpoint #1067

Open
1 of 2 tasks
ianroberts opened this issue May 14, 2024 · 1 comment
Open
1 of 2 tasks

Add option to specify a custom STS endpoint #1067

ianroberts opened this issue May 14, 2024 · 1 comment
Labels
feature-request A feature should be added or improved. p2

Comments

@ianroberts
Copy link

ianroberts commented May 14, 2024
edited
Loading

Describe the feature

Add an option to specify the STS endpoint URL explicitly, as an alternative to deriving it automatically from the AWS region.

Use Case

I want to be able to use GitHub tokens for federated authentication to a Minio storage server - this uses an S3-compatible API for storage operations, but also includes an STS-compatible endpoint providing the AssumeRoleWithWebIdentity action to generate access credentials for the S3-compatible API using a federated identity token. As far as I can see this would be possible using the configure-aws-credentials action if there were the option to specify an explicit endpoint parameter in place of (or as well as) the region in CredentialsClient.stsClient():

configure-aws-credentials/src/CredentialsClient.ts

Lines 33 to 37 in fff2104

this._stsClient = new STSClient({
region: this.region,
customUserAgent: USER_AGENT,
requestHandler: this.requestHandler ? this.requestHandler : undefined,
});

Proposed Solution

  • add a new input sts-endpoint to the action
  • pass this through to the CredentialsClient constructor
  • if an endpoint has been specified, forward this to the STSClient constructor. Otherwise behave as normal, letting STSClient build its own default endpoint from the region name.

Other Information

No response

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change
@ianroberts ianroberts added feature-request A feature should be added or improved. needs-triage This issue still needs to be triaged labels May 14, 2024
@tim-finnigan tim-finnigan self-assigned this Jul 3, 2024
@tim-finnigan
Copy link
Contributor

Thanks for the feature request, I'm not sure if we would consider this but would like to get more input from the community. Also I think this somewhat overlaps with #305.

@tim-finnigan tim-finnigan added p2 and removed needs-triage This issue still needs to be triaged investigating labels Jul 3, 2024
@tim-finnigan tim-finnigan removed their assignment Jul 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request A feature should be added or improved. p2
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ianroberts @tim-finnigan