You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+6-2Lines changed: 6 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -191,6 +191,10 @@ Cloud as an output for use in future steps in the workflow. These options only
191
191
apply to ID tokens generated by this action. By default, this action does not
192
192
generate any tokens.
193
193
194
+
> [!CAUTION]
195
+
>
196
+
> ID Tokens have a maximum lifetime of 10 minutes. This value cannot be changed.
197
+
194
198
- `service_account`: (Required) Email address or unique identifier of the
195
199
Google Cloud service account for which to generate the ID token. For
196
200
example:
@@ -333,8 +337,8 @@ In this setup, the Workload Identity Pool has direct IAM permissions on Google
333
337
Cloud resources; there are no intermediate service accounts or keys. This is
334
338
preferred since it directly authenticates GitHub Actions to Google Cloud without
335
339
a proxy resource. However, not all Google Cloud resources support `principalSet`
336
-
identities. Please see the documentation for your Google Cloud service for more
337
-
information.
340
+
identities, and the resulting token has a maximum lifetime of 10 minutes. Please
341
+
see the documentation for your Google Cloud service for more information.
338
342
339
343
[](docs/google-github-actions-auth-direct-workload-identity-federation.svg)
0 commit comments