Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding headers in STS Calls for Confused Deputy #1061

Merged
merged 2 commits into from
Mar 11, 2024
Merged

Adding headers in STS Calls for Confused Deputy #1061

merged 2 commits into from
Mar 11, 2024

Conversation

saieshwarm
Copy link
Contributor

Adding headers in STS Calls for Confused Deputy to accept account id and the source ARN

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

ericzbeard
ericzbeard reviewed Mar 7, 2024
View reviewed changes
.pylintrc
@@ -23,4 +24,5 @@ indent-string=' '
max-line-length=160
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add an exception to just the one line if it's not possible to break it down? 160 is very long.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This exception is from a different PR(PR No:663).
https://github.com/aws-cloudformation/cloudformation-cli/pull/663/files#diff-ba293004ae8f18975051e825bd8d5c70137a8b5d42d16e0f7c9354aa634c446c

ericzbeard
ericzbeard reviewed Mar 7, 2024
View reviewed changes
Copy link
Contributor

@ericzbeard ericzbeard left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, just one question about pylintrc

himanshs23
himanshs23 reviewed Mar 11, 2024
View reviewed changes
src/rpdk/core/boto_helpers.py
params["headers"]["x-amz-source-arn"] = headers["source_arn"]

sts_client.meta.events.register("before-call", inject_confused_deputy_headers)
LOG.info(headers)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we need to still log it

himanshs23
himanshs23 approved these changes Mar 11, 2024
View reviewed changes
Copy link
Contributor

@himanshs23 himanshs23 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor comment only, else looks good

@saieshwarm saieshwarm merged commit aa6db3a into aws-cloudformation:master Mar 11, 2024
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@himanshs23 himanshs23 himanshs23 approved these changes

@kddejong kddejong kddejong approved these changes

@ericzbeard ericzbeard Awaiting requested review from ericzbeard

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@saieshwarm @ericzbeard @kddejong @himanshs23