AWS OIDC: Require S3 for configure IdP Script#39113
Merged
Merged
Conversation
marcoandredinis
added
no-changelog
espadolini
approved these changes
Mar 8, 2024
espadolini
reviewed
Mar 8, 2024
marcoandredinis
force-pushed
the
marco/awsoidc-conf-custom-idp
branch
from
40fcb1a to
07ea739
Compare
marcoandredinis
force-pushed
the
marco/awsoidc-s3-idp-script
branch
from
6172b10 to
eb12883
Compare
AntonAM
approved these changes
Mar 12, 2024
marcoandredinis
force-pushed
the
marco/awsoidc-conf-custom-idp
branch
from
07ea739 to
4f90fbf
Compare
marcoandredinis
force-pushed
the
marco/awsoidc-s3-idp-script
branch
from
eb12883 to
f98c3df
Compare
marcoandredinis
force-pushed
the
marco/awsoidc-conf-custom-idp
branch
from
4f90fbf to
b02f73a
Compare
marcoandredinis
force-pushed
the
marco/awsoidc-s3-idp-script
branch
2 times, most recently
from
276c121 to
07c88e9
Compare
marcoandredinis
force-pushed
the
marco/awsoidc-conf-custom-idp
branch
from
b02f73a to
59ae769
Compare
marcoandredinis
force-pushed
the
marco/awsoidc-s3-idp-script
branch
from
07c88e9 to
c598f7c
Compare
marcoandredinis
force-pushed
the
marco/awsoidc-conf-custom-idp
branch
from
59ae769 to
be1db40
Compare
marcoandredinis
force-pushed
the
marco/awsoidc-s3-idp-script
branch
from
c598f7c to
0e0d837
Compare
marcoandredinis
force-pushed
the
marco/awsoidc-conf-custom-idp
branch
from
be1db40 to
82d0b5a
Compare
marcoandredinis
force-pushed
the
marco/awsoidc-s3-idp-script
branch
from
0e0d837 to
4c3d280
Compare
marcoandredinis
force-pushed
the
marco/awsoidc-conf-custom-idp
branch
from
82d0b5a to
a9df6f6
Compare
marcoandredinis
force-pushed
the
marco/awsoidc-s3-idp-script
branch
from
4c3d280 to
023afb5
Compare
There are two new required fields for generating the configure IdP script: - s3Bucket - s3Prefix This must form a valid URI when joining them: s3://<s3Bucket>/<s3Prefix>
marcoandredinis
force-pushed
the
marco/awsoidc-s3-idp-script
branch
from
023afb5 to
50d6323
Compare
|
@marcoandredinis See the table below for backport results.
|
marcoandredinis
added a commit
that referenced
this pull request
Mar 18, 2024
There are two new required fields for generating the configure IdP script: - s3Bucket - s3Prefix This must form a valid URI when joining them: s3://<s3Bucket>/<s3Prefix>
marcoandredinis
added a commit
that referenced
this pull request
Mar 18, 2024
There are two new required fields for generating the configure IdP script: - s3Bucket - s3Prefix This must form a valid URI when joining them: s3://<s3Bucket>/<s3Prefix>
github-merge-queue Bot
pushed a commit
that referenced
this pull request
Mar 18, 2024
* AWS OIDC: Accept custom issuers (#38785) * AWS OIDC: Accept custom issuers This PR adds a new field into the AWS OIDC fields: - issuer This is the issuer that was configured in AWS. It is used by teleport to set the `issuer/iss` field when generating the JWT. This way we'll be able to set a custom issuer. As an example, we could set this to be a public S3 bucket which doesn't suffer from the thumbprint validation issuer. * ensure issuer is a valid https url * use s3 uri instead of any url for issuer * typo and require s3 fields * add missing s3 location when creating integration * improve error messages * AWS OIDC IdP Configuration: support S3 buckets as provider (#39026) This PR adds support for setting the AWS OIDC Integration with an S3 bucket as issuer. * AWS OIDC: Require S3 for configure IdP Script (#39113) There are two new required fields for generating the configure IdP script: - s3Bucket - s3Prefix This must form a valid URI when joining them: s3://<s3Bucket>/<s3Prefix> * update aws sdk to branch/v15
github-merge-queue Bot
pushed a commit
that referenced
this pull request
Mar 18, 2024
* AWS OIDC: Accept custom issuers (#38785) * AWS OIDC: Accept custom issuers This PR adds a new field into the AWS OIDC fields: - issuer This is the issuer that was configured in AWS. It is used by teleport to set the `issuer/iss` field when generating the JWT. This way we'll be able to set a custom issuer. As an example, we could set this to be a public S3 bucket which doesn't suffer from the thumbprint validation issuer. * ensure issuer is a valid https url * use s3 uri instead of any url for issuer * typo and require s3 fields * add missing s3 location when creating integration * improve error messages * AWS OIDC IdP Configuration: support S3 buckets as provider (#39026) This PR adds support for setting the AWS OIDC Integration with an S3 bucket as issuer. * AWS OIDC: Require S3 for configure IdP Script (#39113) There are two new required fields for generating the configure IdP script: - s3Bucket - s3Prefix This must form a valid URI when joining them: s3://<s3Bucket>/<s3Prefix>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
There are two new required fields for generating the configure IdP script:
This must form a valid URI when joining them:
s3://<s3Bucket>/<s3Prefix>Context: #38782