Description
Is your feature request related to a problem? Please describe.
Authenticating with AWS currently requires setting up access keys.
However, many other providers (e.g. GitHub, Fly.io, etc.) allow you to authenticate machines via OIDC requests.
It would be really great to support authenticating to AWS via OIDC. This means you just pass a role via an environment variable in the trigger task and set it up once in your AWS account to give a trigger task access, then it makes a request to trigger via OIDC and authenticates per run. You don't need to pass around access keys and such, and you're giving access to a role rather than keys.
This is how I often authenticate with, say, GitHub repos, so I'm not managing keys.
Great feature add.
Describe the solution you'd like to see
Set up my AWS account with the correct trigger.dev OIDC credentials and give permission to a specific task name (or names).
Then, when authenticating, the trigger OIDC server says yes/no and my app can authenticate to AWS and assume a role without passing any credentials.
Describe alternate solutions
Right now, the other solution is passing access credentials directly. This is less secure.
Additional information
No response
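
The per-task role access requested above maps onto an IAM role trust policy for `sts:AssumeRoleWithWebIdentity`. The sketch below is an added example, not code from the issue or from trigger.dev: it builds such a policy and audits one for loose scoping. The issuer host, account id, audience value and the `task:<name>` subject format are all assumptions, since the issue defines none of them.

```python
import json

# Assumptions (not from the issue): placeholder issuer host and account id,
# an "sts.amazonaws.com" audience, and a hypothetical "task:<name>" sub claim.
ISSUER = "oidc.example.invalid"
ACCOUNT_ID = "111122223333"


def build_trust_policy(task_names, issuer=ISSUER, account_id=ACCOUNT_ID):
    """Trust policy that lets only the named tasks assume the role."""
    if not task_names:
        raise ValueError("at least one task name is required")
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {
                "Federated": f"arn:aws:iam::{account_id}:oidc-provider/{issuer}"
            },
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": {"StringEquals": {
                f"{issuer}:aud": "sts.amazonaws.com",
                f"{issuer}:sub": [f"task:{name}" for name in task_names],
            }},
        }],
    }


def audit_trust_policy(policy, issuer=ISSUER):
    """Return findings for web-identity statements scoped too loosely."""
    findings = []
    for i, stmt in enumerate(policy.get("Statement", [])):
        actions = stmt.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        if stmt.get("Effect") != "Allow" or "sts:AssumeRoleWithWebIdentity" not in actions:
            continue
        cond = stmt.get("Condition", {})
        exact = cond.get("StringEquals", {})
        if f"{issuer}:aud" not in exact:
            findings.append(f"statement {i}: aud is not pinned")
        like = cond.get("StringLike", {}).get(f"{issuer}:sub", [])
        like = [like] if isinstance(like, str) else like
        if f"{issuer}:sub" not in exact and not like:
            findings.append(f"statement {i}: sub is not restricted")
        findings += [f"statement {i}: wildcard sub {p!r}" for p in like if "*" in p or "?" in p]
    return findings


if __name__ == "__main__":
    policy = build_trust_policy(["send-report"])
    print(json.dumps(policy, indent=2))
    print(audit_trust_policy(policy))
```

The audit only inspects the `StringEquals` and `StringLike` operators with exactly cased keys; a policy that uses other condition operators needs its own review.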