In the last post we looked at how to set up a trust policy and role in AWS so that we can use a Google ID token to authenticate to AWS. But how do we actually use this in C#? The AWS SDK contains a class AssumeRoleWithWebIdentityCredentials – but on closer look, this class turns out to be not too useful since it expects us to provide the input token (the service account’s ID token) in a file. Assuming that out code runs on Cloud Run or on a VM instance, it would make more sense to: Call G...
