Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] OIDC provider to use some resource from external service (like AWS IAM) #408

Open
MysticDoll opened this issue Jan 16, 2025 · 1 comment
Open

[FEATURE] OIDC provider to use some resource from external service (like AWS IAM) #408

MysticDoll opened this issue Jan 16, 2025 · 1 comment

Comments

@MysticDoll
Copy link

MysticDoll commented Jan 16, 2025
edited
Loading

Description of the problem being solved
I want to assume role in our AWS account like GitHub Actions.

If it is possible, we can use some AWS resource from Slack Workflow.

Alternative solutions
Now we can use some resource from AWS with IAM user credentials. But IAM User isn't match AWS's best practice and AWS recommends to use temporary credentials by AssumeRoleWithWebIdentity.

Requirements

Please read the Contributing guidelines and Code of Conduct before creating this issue or pull request. By submitting, you are agreeing to those rules.
@mroy-seedbox
Copy link

That would 100% be awesome. 🙌

Also, if each Slack application were given its own individual instance profile (assuming that they run on AWS infrastructure, which should be the case since Salesforce is all AWS), it would make it very easy to allow it to assume a role in our AWS account (we would just have to enable that instance profile ARN to assume the desired role).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MysticDoll @mroy-seedbox