From 9a709020c51903b2f667db243390534cfc690b0c Mon Sep 17 00:00:00 2001 From: lonnix Date: Fri, 11 Mar 2022 14:48:15 -0600 Subject: [PATCH] Update thunder_github_automation.py Adding wildcard to StringLike match Adding help note about org needing to be case sensitive --- thunder_github_automation/thunder_github_automation.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/thunder_github_automation/thunder_github_automation.py b/thunder_github_automation/thunder_github_automation.py index 28f0ed2..e24e1b1 100755 --- a/thunder_github_automation/thunder_github_automation.py +++ b/thunder_github_automation/thunder_github_automation.py @@ -112,7 +112,7 @@ def _create_role(self, provider_arn: str): "token.actions.githubusercontent.com:aud": "sts.amazonaws.com" }, "StringLike": { - "token.actions.githubusercontent.com:sub": f"repo:{self.organization}/{self.repository}" + "token.actions.githubusercontent.com:sub": f"repo:{self.organization}/{self.repository}:*" } } } @@ -162,7 +162,7 @@ def setup_github_oidc(self): @click.command() @click.option('--repo', required=True, help='GitHub repository name to grant AWS access') -@click.option('--org', required=True, help='GitHub organization where the repository exists') +@click.option('--org', required=True, help='GitHub organization where the repository exists. This is case sensitive') @click.option('--role-name', '-r', help='Optional name of the IAM role to create') @click.option('-v', '--verbose', count=True) def cli(repo, org, verbose, role_name):