Proof of concept for using AssumeRoleWithWebIdentity in AWS using GOV.UK OneLogin as an identity provider.
- Set up a Relying Party (RP) in GOV.UK One Login, using private_key_jwt and
IdTokenSigningAlgorithmset toRS256(AWS does not supportES256at this time). - Create
config.jsonfromconfig.json.template, filling out all variables apart fromaws_role_to_assume(this is generated by the Terraform) - Run Terraform against an AWS account of your choice
- Add the output role arn to
config.json - Install JS dependencies with
npm install - Run the app locally with
node -e 'require("./app").run()