Skip to content

Commit

Permalink
Fix OIDC access to KMS key (#220)
Browse files Browse the repository at this point in the history 
We should pass in a Role ARN to the key

fix for commit 57b591f
  • Loading branch information
@jesusaurus
jesusaurus authored Jun 28, 2023
1 parent 57b591f commit c302788
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion config/infra-ampad/workflows-kms-key.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ parameters:
AccountAdminArns:
- {{stack_group_config.sso_admin_role.arn}}
- !stack_output_external workflows-nextflow-ci-service-account::ServiceRoleArn
- !stack_output_external workflows-infra-kms-key::KeyArn
- !stack_output_external github-oidc-nextflow-infra::ProviderRoleArn

stack_tags:
{{stack_group_config.default_stack_tags}}
2 changes: 1 addition & 1 deletion config/infra-dev/workflows-kms-key.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ parameters:
AccountAdminArns:
- {{stack_group_config.sso_admin_role.arn}}
- !stack_output_external workflows-nextflow-ci-service-account::ServiceRoleArn
- !stack_output_external workflows-infra-kms-key::KeyArn
- !stack_output_external sagebase-github-oidc-workflows-dev-nextflow-infra::ProviderRoleArn

stack_tags:
{{stack_group_config.default_stack_tags}}
2 changes: 1 addition & 1 deletion config/infra-prod/workflows-kms-key.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ parameters:
AccountAdminArns:
- {{stack_group_config.sso_admin_role.arn}}
- !stack_output_external workflows-nextflow-ci-service-account::ServiceRoleArn
- !stack_output_external workflows-infra-kms-key::KeyArn
- !stack_output_external sagebase-github-oidc-workflows-prod-nextflow-infra::ProviderRoleArn

stack_tags:
{{stack_group_config.default_stack_tags}}

0 comments on commit c302788

Please sign in to comment.