Skip to content

Commit

Permalink
add session tags to assumeRole function
Browse files Browse the repository at this point in the history 
Signed-off-by: Sumu <[email protected]>
  • Loading branch information
@sumupitchayan
sumupitchayan committed Aug 24, 2024
1 parent 2260990 commit 02892e2
Showing 1 changed file with 13 additions and 2 deletions.
15 changes: 13 additions & 2 deletions lib/aws.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,8 @@ export class DefaultAwsClient implements IAws {
credentials = await this.assumeRole(
options.region,
options.assumeRoleArn,
options.assumeRoleExternalId
options.assumeRoleExternalId,
options.assumeRoleSessionTags
);
}

Expand All @@ -141,13 +142,23 @@ export class DefaultAwsClient implements IAws {
private async assumeRole(
region: string | undefined,
roleArn: string,
externalId?: string
externalId?: string,
sessionTags?: { [key: string]: string }
): Promise<AWS.Credentials> {
const parsedTags = sessionTags
? Object.entries(sessionTags).map(([key, value]) => ({
Key: key,
Value: value,
}))
: [];

return new this.AWS.ChainableTemporaryCredentials({
params: {
RoleArn: roleArn,
ExternalId: externalId,
RoleSessionName: `cdk-assets-${safeUsername()}`,
Tags: parsedTags,
TransitiveTagKeys: sessionTags ? Object.keys(sessionTags) : [],
},
stsConfig: {
region,
Expand Down

0 comments on commit 02892e2

Please sign in to comment.