core: Allow sts:TagSession to trusted accounts #31557

@konokenj

Describe the feature

With #31089, we can now use sts:TagSession in a single account. Next, it can be allowed for use with --trust or --trust-for-lookup.

Use Case

In cases of cross-account deployment, sts:TagSession permission may be necessary. This makes it easier to track who assumed that role. Depending on security requirements, without this feature, it can be challenging to configure CI/CD pipelines across multiple accounts.

Proposed Solution

Add to bootstrap-template.yaml

Other Information

No response

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change

CDK version used

2.160.0

Environment details (OS name and version, etc.)

macOS 14.6.1
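
A check for the gap described above, as an added example that is not part of the original issue or the CDK code base: STS rejects an AssumeRole call that passes session tags unless the role's trust policy also allows sts:TagSession for that caller, so the script lists principals that may assume a role but may not tag the session. The policy document, account IDs and function names are constructed for illustration.

```python
import fnmatch
import json
import re

# Constructed sample: 111111111111 is the role's own account and
# 222222222222 a trusted account (both placeholders).
SAMPLE_TRUST_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": "sts:AssumeRole",
   "Principal": {"AWS": "111111111111"}},
  {"Effect": "Allow", "Action": "sts:TagSession",
   "Principal": {"AWS": "arn:aws:iam::111111111111:root"}},
  {"Effect": "Allow", "Action": "sts:AssumeRole",
   "Principal": {"AWS": ["222222222222"]}}
]}
""")

def _as_list(value):
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _normalize(principal):
    # A bare account ID and its :root ARN name the same principal.
    m = re.fullmatch(r"arn:aws[\w-]*:iam::(\d{12}):root", principal)
    return m.group(1) if m else principal

def principals_allowed(policy, action):
    """AWS principals that an Allow statement grants `action` to.
    Simplification: Deny, NotAction and Condition are not evaluated."""
    allowed = set()
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        patterns = _as_list(stmt.get("Action"))
        if not any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns):
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":
            allowed.add("*")
        else:
            allowed.update(_normalize(p) for p in _as_list(principal.get("AWS")))
    return allowed

def missing_tag_session(policy):
    """Principals that may assume the role but may not tag the session."""
    can_tag = principals_allowed(policy, "sts:TagSession")
    if "*" in can_tag:
        return []
    return sorted(principals_allowed(policy, "sts:AssumeRole") - can_tag)
```

Run against the sample, `missing_tag_session` reports only the trusted account, which is the case this request asks the bootstrap template to cover.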

Labels

  • @aws-cdk/core: Related to core CDK functionality
  • effort/medium: Medium work item – several days of effort
  • feature-request: A feature should be added or improved.
  • p2
