item 42553707

420official | 1 year ago

It really isn't that challenging to get going with JWT auth in AWS. Gitlab has pretty good documentation for how to use Gitlab ID tokens to assume roles that includes everything other than how to generate a JWT here: https://docs.gitlab.com/ee/ci/cloud_services/aws/

And of course generating OIDC PKI JWTs is pretty easy and well documented elsewhere.

The harder parts in my mind are:

  - Updating this OSS project to serve a JWK from OIDC .well-known
  - Convincing people that this method of authn is safe and that those keys are securely stored
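The flow the comment describes, as an added example that is neither the commenter's code nor the OSS project's: a CI server mints a per-job RS256 ID token and publishes the matching public key as a JWK (the document that would sit behind `.well-known/openid-configuration` and its `jwks_uri`), and the relying party does what AWS STS does for `AssumeRoleWithWebIdentity`: look the `kid` up in that JWKS, verify the signature, then check `iss`, `aud`, expiry and a `sub` prefix, which is what the trust-policy conditions in the linked GitLab docs express. The issuer URL, key id, audience and `sub` value are constructed; the claim names follow GitLab's.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// Issuer is a constructed URL for a self-hosted CI server; AWS would fetch
// <Issuer>/.well-known/openid-configuration and follow its jwks_uri.
const Issuer = "https://ci.example.invalid"
var b64 = base64.RawURLEncoding

// JWK/JWKS is the public signing key as served from the .well-known endpoint;
// Claims is a per-job ID token body using the claim names GitLab documents.
type (
	JWK struct {
		Kty string `json:"kty"`
		Kid string `json:"kid"`
		N   string `json:"n"`
		E   string `json:"e"`
	}
	JWKS   struct{ Keys []JWK `json:"keys"` }
	Claims struct {
		Iss string `json:"iss"`
		Sub string `json:"sub"`
		Aud string `json:"aud"`
		Exp int64  `json:"exp"`
	}
)

// PublicJWKS turns the RSA public key into the JWKS the issuer publishes.
func PublicJWKS(pub *rsa.PublicKey, kid string) JWKS {
	return JWKS{Keys: []JWK{{Kty: "RSA", Kid: kid, N: b64.EncodeToString(pub.N.Bytes()),
		E: b64.EncodeToString(big.NewInt(int64(pub.E)).Bytes())}}}
}

// MintToken signs the claims as a compact RS256 JWT, as the CI server would per job.
func MintToken(priv *rsa.PrivateKey, kid string, c Claims) (string, error) {
	hdr, _ := json.Marshal(map[string]string{"alg": "RS256", "typ": "JWT", "kid": kid})
	body, _ := json.Marshal(c)
	input := b64.EncodeToString(hdr) + "." + b64.EncodeToString(body)
	digest := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return input + "." + b64.EncodeToString(sig), nil
}

// VerifyToken is the relying-party side: pin the algorithm, find the kid in the published
// JWKS, check the signature, then iss, aud, expiry and the sub prefix a trust policy allows.
func VerifyToken(token string, jwks JWKS, wantIss, wantAud, subPrefix string, now time.Time) (Claims, error) {
	c, parts := Claims{}, strings.Split(token, ".")
	raw := make([][]byte, len(parts))
	for i, p := range parts {
		raw[i], _ = b64.DecodeString(p) // a corrupt segment decodes short and fails the checks below
	}
	var hdr struct{ Alg, Kid string }
	if len(parts) != 3 || json.Unmarshal(raw[0], &hdr) != nil || hdr.Alg != "RS256" {
		return c, fmt.Errorf("header rejected (alg %q): the token does not get to choose the algorithm", hdr.Alg)
	}
	var pub *rsa.PublicKey
	for _, k := range jwks.Keys { // the JWKS is our own published document, so n and e are well-formed
		if nb, _ := b64.DecodeString(k.N); k.Kid == hdr.Kid && k.Kty == "RSA" {
			eb, _ := b64.DecodeString(k.E)
			pub = &rsa.PublicKey{N: new(big.Int).SetBytes(nb), E: int(new(big.Int).SetBytes(eb).Int64())}
		}
	}
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1])) // the signed input is the encoded form
	if pub == nil || rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], raw[2]) != nil {
		return c, fmt.Errorf("kid %q unknown or signature does not verify against the JWKS", hdr.Kid)
	}
	switch {
	case json.Unmarshal(raw[1], &c) != nil:
		return c, fmt.Errorf("payload is not JSON")
	case c.Iss != wantIss:
		return c, fmt.Errorf("issuer %q is not trusted", c.Iss)
	case c.Aud != wantAud:
		return c, fmt.Errorf("audience %q does not match the role trust policy", c.Aud)
	case !now.Before(time.Unix(c.Exp, 0)):
		return c, fmt.Errorf("token expired")
	case !strings.HasPrefix(c.Sub, subPrefix):
		return c, fmt.Errorf("sub %q is outside the allowed project/ref", c.Sub)
	}
	return c, nil
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048) // in a real issuer this key is the thing to protect
	tok, _ := MintToken(priv, "ci-key-1", Claims{Iss: Issuer, Aud: "sts.amazonaws.com",
		Sub: "project_path:example-group/app:ref_type:branch:ref:main", Exp: time.Now().Add(5 * time.Minute).Unix()})
	fmt.Println(VerifyToken(tok, PublicJWKS(&priv.PublicKey, "ci-key-1"), Issuer, "sts.amazonaws.com", "project_path:example-group/app:", time.Now()))
}
```

Serving the output of `PublicJWKS` as JSON at the `jwks_uri` named in `openid-configuration` is the part the comment says the project still lacks; the verifier side is included so the two halves can be checked against each other, and because the `alg` pin and the `sub` prefix (the equivalent of a `StringLike` condition on the role) are the two checks that most often get left out.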

rohitghumare | 1 year ago

I completely agree on this point. I have this in mind for implementation. For now, I'm focusing on bringing more cloud providers.