You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jun 14, 2023. It is now read-only.
This approach should never be recommended, as it can be a serious concern.
Anyone who has access to PAT essentially has access to the GitHub user's entire account (even if it is scoped by permissions).
Since GitHub practices an "account per person" policy, one person may have access to many orgs.
Sharing a PAT in a shared environment (which AWS accounts often can be), can lead to someone stealing this PAT and then using that to gain access to information they were not privy of.
This approach should never be recommended, as it can be a serious concern.
Anyone who has access to PAT essentially has access to the GitHub user's entire account (even if it is scoped by permissions).
Since GitHub practices an "account per person" policy, one person may have access to many orgs.
Sharing a PAT in a shared environment (which AWS accounts often can be), can lead to someone stealing this PAT and then using that to gain access to information they were not privy of.
Alternative approaches to be considered:
aws-cdk-github-oidc(https://github.com/aripalo/aws-cdk-github-oidc)