CircleCI Ideas

AWS Role Assumption

grebols wrote:


It would be nice to be able to replace the hardcoded and long lived AWS credentials you’re currently offering for access AWS APIs with the ability to assume a cross-account role with STS? for an example how datadog did it:

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Nov 28 2018
  • Taking votes
  • Attach files
  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    April 11, 2019 17:50

    This!    Adding the ability to assume a role w/ external id would be very helpful and remove the need for keys and improve the security posture.

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    16 Jan 18:55

    +1 AWS creds are so last decade! This would be really helpful. CircleCI is the only user that we still create in our AWS account. We have moved onto SSO. Thx!