AWS Security Token Service (sts)

2026-07-15

74 new conditions | 1 updated action

Additions

Updates

    Actions
  • AssumeRoleWithWebIdentity
      Conditions
    • + accounts.google.com:google/organization_number
    • + agent.${Domain}.buildkite.dev:build_branch
    • + agent.${Domain}.buildkite.dev:cluster_id
    • + agent.${Domain}.buildkite.dev:cluster_name
    • + agent.${Domain}.buildkite.dev:organization_id
    • + agent.${Domain}.buildkite.dev:organization_slug
    • + agent.${Domain}.buildkite.dev:pipeline_id
    • + agent.${Domain}.buildkite.dev:pipeline_slug
    • + agent.${Domain}.buildkite.site:build_branch
    • + agent.${Domain}.buildkite.site:cluster_id
    • + agent.${Domain}.buildkite.site:cluster_name
    • + agent.${Domain}.buildkite.site:organization_id
    • + agent.${Domain}.buildkite.site:organization_slug
    • + agent.${Domain}.buildkite.site:pipeline_id
    • + agent.${Domain}.buildkite.site:pipeline_slug
    • + agent.buildkite.com:build_branch
    • + agent.buildkite.com:cluster_id
    • + agent.buildkite.com:cluster_name
    • + agent.buildkite.com:organization_id
    • + agent.buildkite.com:organization_slug
    • + agent.buildkite.com:pipeline_id
    • + agent.buildkite.com:pipeline_slug
    • + github.com/enterprises/${EnterpriseName}:actor
    • + github.com/enterprises/${EnterpriseName}:actor_id
    • + github.com/enterprises/${EnterpriseName}:enterprise_id
    • + github.com/enterprises/${EnterpriseName}:environment
    • + github.com/enterprises/${EnterpriseName}:job_workflow_ref
    • + github.com/enterprises/${EnterpriseName}:ref
    • + github.com/enterprises/${EnterpriseName}:repository
    • + github.com/enterprises/${EnterpriseName}:repository_id
    • + github.com/enterprises/${EnterpriseName}:repository_owner_id
    • + github.com/enterprises/${EnterpriseName}:workflow
    • + gitlab.com:namespace_id
    • + gitlab.com:pipeline_source
    • + gitlab.com:project_id
    • + gitlab.com:ref_protected
    • + gitlab.com:runner_environment
    • + gitlab.com:user_access_level
    • + gitlab.com:user_email
    • + gitlab.com:user_id
    • + gitlab.com:user_login
    • + idcs-${OciUniqueIdentifier}.identity.oraclecloud.com:rpst_id
    • + oidc.circleci.com/org/${OrgId}:oidc.circleci.com/project-id
    • + sts:RoleAuthorizedByIdp
    • + token.actions.${Domain}.ghe.com:actor
    • + token.actions.${Domain}.ghe.com:actor_id
    • + token.actions.${Domain}.ghe.com:enterprise_id
    • + token.actions.${Domain}.ghe.com:environment
    • + token.actions.${Domain}.ghe.com:job_workflow_ref
    • + token.actions.${Domain}.ghe.com:ref
    • + token.actions.${Domain}.ghe.com:repository
    • + token.actions.${Domain}.ghe.com:repository_id
    • + token.actions.${Domain}.ghe.com:repository_owner_id
    • + token.actions.${Domain}.ghe.com:workflow
    • + token.actions.githubusercontent.com/${SubPath}:actor
    • + token.actions.githubusercontent.com/${SubPath}:actor_id
    • + token.actions.githubusercontent.com/${SubPath}:enterprise_id
    • + token.actions.githubusercontent.com/${SubPath}:environment
    • + token.actions.githubusercontent.com/${SubPath}:job_workflow_ref
    • + token.actions.githubusercontent.com/${SubPath}:ref
    • + token.actions.githubusercontent.com/${SubPath}:repository
    • + token.actions.githubusercontent.com/${SubPath}:repository_id
    • + token.actions.githubusercontent.com/${SubPath}:repository_owner_id
    • + token.actions.githubusercontent.com/${SubPath}:workflow
    • + token.actions.githubusercontent.com:actor
    • + token.actions.githubusercontent.com:actor_id
    • + token.actions.githubusercontent.com:enterprise_id
    • + token.actions.githubusercontent.com:environment
    • + token.actions.githubusercontent.com:job_workflow_ref
    • + token.actions.githubusercontent.com:ref
    • + token.actions.githubusercontent.com:repository
    • + token.actions.githubusercontent.com:repository_id
    • + token.actions.githubusercontent.com:repository_owner_id
    • + token.actions.githubusercontent.com:workflow