How to set ExternalId when using AWSSDK.Extensions.NETCore.Setup #3284
-
|
I'm using AWSSDK.Extensions.NETCore.Setup for configuration and need to assume a role in certain cases for cross-account access. I currently have code similar to the following to create a client that assumes a role: AWSOptions options = _configuration.GetAWSOptions<AmazonLambdaConfig>();
options.SessionRoleArn = roleArn;
options.SessionName = sessionName;
return options.CreateServiceClient<IAmazonLambda>();However, I can't find how I can set the ExternalId to address the "confused deputy problem" documented here: https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html I explored creating an AssumeRoleAWSCredentials instance manually (so I could set the AssumeRoleAWSCredentialsOptions myself) with the idea of setting the Credentials property of my AWSOptions object. However, the AssumeRoleAWSCredentials requires sourceCredentials, which I'm not sure how to get from my AWSOptions. How can I assume a role with ExternalId set when using AWSSDK.Extensions.NETCore.Setup? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
@douggish Good morning. Thanks for the report. We discussed this with team. This doesn't currently appear to be supported and is a good candidate for feature request. Created feature request #3286 from this discussion for prioritization. Please follow this feature request for any updates. |
Beta Was this translation helpful? Give feedback.
-
|
@douggish Support for |
Beta Was this translation helpful? Give feedback.
@douggish Good morning. Thanks for the report. We discussed this with team. This doesn't currently appear to be supported and is a good candidate for feature request. Created feature request #3286 from this discussion for prioritization. Please follow this feature request for any updates.