|
|
|
|
|
|
by 420official
530 days ago
|
|
|
It really isn't that challenging to get going with JWT auth in AWS. Gitlab has pretty good documentation for how to use Gitlab ID tokens to assume roles that includes everything other than how to generate a JWT here: https://docs.gitlab.com/ee/ci/cloud_services/aws/ And of course generating OIDC PKI JWTs is pretty easy and well documented elsewhere. The harder parts in my mind are: - Updating this OSS project to serve a JWK from OIDC .well-known
- Convincing people that this method of authn is safe and that those keys are securely stored
|
|
|