Collected sources and patterns will appear here. Add from search, explore, or the patterns library.
NamespaceAnnotations, RoleARN -> AuthorizedClient
Validate an requested IAM role ARN against a regular expression pattern defined in the target namespace's annotations before assuming the identity.
Problem it solves
Workloads in multi-tenant environments might attempt to assume administrative or cross-tenant cloud IAM roles.
Consumes
Emits
The real projects this mechanism was found in. Attribution is the point — this is how the best teams actually do it.