Using AWS OIDC authentication in circleci

I am following the guide called openid-connect-identity-tokens* to use OIDC authentication with circecli instead of passing in the AWS access key ID and AWS secret key as environment variables.

It’s all very straightforward if we run AWS commands within the circle.yml file itself as in the guide.

However, we would like to run a python script


      - run:
          command: |
             echo "creating resources"

Is it possible to “pass down” the authentication to this python script so boto commands are authenticated?

  • I can’t add links.