We have many apps that we deploy to AWS, each in their own repository. From the documentation for using OpenID for AWS, it states that we use our Provider URL and Audience. It doesn't say exactly where to get them, but I found them inside of the repository settings. It would be arduous to need to create a new IAM role and OpenID provider connection on every single repository. Is there a way to do this at the Bitbucket Workspace level, such that I can create a role and have it be available to all repositories and pipelines within a Workspace or Project?
Hi Neil,
The Identity provider URL and the Audience you see in the Repository settings > OpenID connect are the same for all repositories belonging to the workspace.
You don't need a new Identity Provider for each repository. The page you linked also states this:
The above steps allow any repository under the workspace to assume the created role, and also allows anyone with the token to assume the role.
Please feel free to reach out if you have any questions.
Kind regards,
Theodora
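As an added example (not part of the original thread or of Atlassian's documentation), the sketch below builds the trust policy for a single IAM role backed by the one workspace-wide identity provider described in the answer, with an optional condition that narrows the role to named repositories. The provider URL shape, the `sub` claim layout and every sample value are assumptions; copy the real provider URL and audience from Repository settings > OpenID Connect and check the claims of an actual token.

```python
import json


def bitbucket_trust_policy(account_id, workspace, audience, repo_uuids=None):
    """Trust policy for one IAM role shared by a workspace's pipelines.

    All arguments are placeholders supplied by the caller (hypothetical
    helper, not a Bitbucket or AWS API).
    """
    # AWS condition keys use the provider URL without the https:// scheme.
    # Assumption: the workspace provider URL has this shape.
    provider = (f"api.bitbucket.org/2.0/workspaces/{workspace}"
                "/pipelines-config/identity/oidc")
    # With only the audience check, any repository in the workspace
    # can assume the role, as the answer above states.
    conditions = {"StringEquals": {f"{provider}:aud": audience}}
    if repo_uuids:
        # Assumption: the token's sub claim begins with the repository UUID,
        # so a prefix match limits the role to the listed repositories.
        conditions["StringLike"] = {
            f"{provider}:sub": [f"{uuid}:*" for uuid in repo_uuids]
        }
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {
                "Federated": f"arn:aws:iam::{account_id}:oidc-provider/{provider}"
            },
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": conditions,
        }],
    }


if __name__ == "__main__":
    # Constructed sample values, not real identifiers.
    policy = bitbucket_trust_policy(
        "111122223333",
        "example-workspace",
        "ari:cloud:bitbucket::workspace/00000000-0000-0000-0000-000000000000",
        repo_uuids=["{11111111-1111-1111-1111-111111111111}"],
    )
    print(json.dumps(policy, indent=2))
```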