[FEATURE] AWS Github Actions OIDC authenticator #4542

Open
gocha-gvaladze opened this issue Feb 28, 2025 · 1 comment
Labels
Feature Request The issue is a request for enhancement or new functionality rather than a bug. feature New feature or request Triaged The issue has been reviewed. Issues without a “Triaged” label require triage/review.


gocha-gvaladze commented Feb 28, 2025

Use-cases

  • Use Service Principal OAuth federation with GitHub Actions OIDC for AWS-based deployments.
  • Avoid using long-term credentials.

Attempted Solutions

Getting an OAuth token via the JWT exchange flow and injecting it as the token in the provider configuration works, but the token cannot be refreshed dynamically, thus limiting the execution of apply/plan operations to 5 minutes.

Proposal

The feature is already implemented for Azure-based deployments; it seems like it should not require much modification to make the existing code intercompatible for both Azure and AWS-based deployments.

References

https://docs.databricks.com/aws/en/dev-tools/auth/oauth-federation
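
The behaviour requested above, as an added Go example that is not code from the provider or from the issue author: the exchanged token is cached, and the whole flow (fresh GitHub Actions OIDC JWT, then an RFC 8693 token exchange) is repeated shortly before expiry instead of injecting one static token. `federatedSource`, its fields, the 30-second margin and the `client_id` form field are assumptions; the two HTTP calls are injected as functions and replaced by constructed stubs in `main`.

```go
package main

import (
	"net/url"
	"time"
)

// exchangeForm builds the RFC 8693 body that trades a GitHub OIDC JWT for an access token.
func exchangeForm(clientID, githubJWT string) url.Values {
	return url.Values{
		"grant_type":         {"urn:ietf:params:oauth:grant-type:token-exchange"},
		"subject_token_type": {"urn:ietf:params:oauth:token-type:jwt"},
		"subject_token":      {githubJWT},
		"client_id":          {clientID}, // assumption: service principal client ID
	}
}

// federatedSource (hypothetical type) caches the exchanged token and its expiry.
type federatedSource struct {
	clientID string
	idToken  func() (string, error)                          // fetches a fresh GitHub OIDC JWT
	exchange func(url.Values) (string, time.Duration, error) // POSTs the form, returns token and lifetime
	token    string
	expiry   time.Time
}

// Token returns the cached token, or redoes the full flow within 30s of expiry.
func (s *federatedSource) Token(now time.Time) (string, error) {
	if s.token != "" && now.Add(30*time.Second).Before(s.expiry) {
		return s.token, nil
	}
	jwt, err := s.idToken() // request a new JWT each time rather than reusing the old one
	if err != nil {
		return "", err
	}
	tok, ttl, err := s.exchange(exchangeForm(s.clientID, jwt))
	if err != nil {
		return "", err
	}
	s.token, s.expiry = tok, now.Add(ttl)
	return tok, nil
}

func main() { // constructed stubs stand in for the two HTTP calls
	src := &federatedSource{clientID: "constructed-client-id",
		idToken:  func() (string, error) { return "constructed.github.jwt", nil },
		exchange: func(url.Values) (string, time.Duration, error) { return "constructed-token", time.Hour, nil }}
	tok, err := src.Token(time.Now())
	println(tok, err == nil)
}
```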

@gocha-gvaladze gocha-gvaladze added the feature New feature or request label Feb 28, 2025
@gocha-gvaladze gocha-gvaladze changed the title [FEATURE] New feature request [FEATURE] AWS Github Actions OIDC authenticator Feb 28, 2025
@tanmay-db tanmay-db added Feature Request The issue is a request for enhancement or new functionality rather than a bug. Triaged The issue has been reviewed. Issues without a “Triaged” label require triage/review. labels Mar 3, 2025
@gocha-gvaladze
Author

Is there any ETA for delivery of this capability?
