aws-actions/amazon-ecs-render-task-definition

add inputs executionRoleArn and taskRoleArn

Opened this issue · 3 comments

hblab-ngocnd commented

for security reason, want add input executionRoleArn and taskRoleArn for task definition

bert2002 commented

You can simply do this by adding it to the task-definition . E.g.

  "TaskDefinition": {
    "executionRoleArn": "arn:aws:iam::<id>:role/<name>",
    "containerDefinitions": [
      {
...
hblab-ngocnd commented

@bert2002
But that not good for security because that show Arn Role for viewer.
It is better If input has options for set role from secret key by input

amazon-ecs-render-task-definition/action.yml

Lines 6 to 18 in 74bfbc8

inputs:
task-definition:
description: 'The path to the ECS task definition JSON file'
required: true
container-name:
description: 'The name of the container defined in the containerDefinitions section of the ECS task definition'
required: true
image:
description: 'The URI of the container image to insert into the ECS task definition'
required: true
environment-variables:
description: 'Variables to add to the container. Each variable is of the form KEY=value, you can specify multiple variables with multi-line YAML strings.'
required: false

dangeReis commented

I agree, hardcoding the parameters in the task-definition is not useful. Can we prioritize this feature request?