Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Maintenance: Change permissions in workflow files #5860

Closed
1 of 2 tasks
leandrodamascena opened this issue Jan 13, 2025 · 2 comments · Fixed by #5861
Closed
1 of 2 tasks

Maintenance: Change permissions in workflow files #5860

leandrodamascena opened this issue Jan 13, 2025 · 2 comments · Fixed by #5861
Labels
internal Maintenance changes triage Pending triage from maintainers

Comments

@leandrodamascena
Copy link
Contributor

Why is this needed?

Our current pipeline requires a review of token permissions to enhance system security and improve our Scorecard score. We've identified that pipelines are using overly broad token scopes, which introduces unnecessary risk and don't adhere with best practices.

Image

Which area does this relate to?

Automation

Solution

No response

Acknowledgment
@leandrodamascena leandrodamascena added internal Maintenance changes triage Pending triage from maintainers labels Jan 13, 2025
@leandrodamascena leandrodamascena mentioned this issue Jan 13, 2025
Merged
7 tasks
@leandrodamascena leandrodamascena linked a pull request Jan 13, 2025 that will close this issue
chore(ci): change token permissions / update aws-credentials action #5861
Merged
7 tasks
@github-project-automation github-project-automation bot moved this from Triage to Coming soon in Powertools for AWS Lambda (Python) Jan 13, 2025
@github-actions GitHub Actions
Copy link
Contributor

⚠️COMMENT VISIBILITY WARNING⚠️

This issue is now closed. Please be mindful that future comments are hard for our team to see.

If you need more assistance, please either tag a team member or open a new issue that references this one.

If you wish to keep having a conversation with other community members under this issue feel free to do so.

@github-actions github-actions bot added the pending-release Fix or implementation already in dev waiting to be released label Jan 13, 2025
This was referenced Jan 13, 2025
Merged
Merged
Merged
Merged
@dreamorosi dreamorosi mentioned this issue Jan 20, 2025
Closed
@leandrodamascena leandrodamascena moved this from Coming soon to Shipped in Powertools for AWS Lambda (Python) Jan 27, 2025
@dreamorosi dreamorosi mentioned this issue Jan 27, 2025
Open
@github-actions GitHub Actions
Copy link
Contributor

This is now released under 3.5.0 version!

@github-actions github-actions bot removed the pending-release Fix or implementation already in dev waiting to be released label Jan 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
internal Maintenance changes triage Pending triage from maintainers
Projects
Powertools for AWS Lambda (Python)
Status: Shipped
Milestone
No milestone
1 participant
@leandrodamascena