This guide will show you how to deploy a webhook for Indent to communicate with for granting and revoking access, among other operations, to ACL files inside a GitHub repo. This webhook can be run as an AWS Lambda.
This page assumes that you or someone on your team has already completed the Quickstart. If you haven't already, we would recommend you check it out - it should take 5 minutes.
We're going to manually create an Indent Resource for each ACL role then set up automated change management. This webhook integration only works when your application uses an ACL file for managing access because it makes changes directly to the file.
Currently, this webhook can only be deployed on AWS.
Step 0: Configure your cloud provider
Before getting started, let's get all the AWS-specific items ready:
Step 1: Create custom Indent Resources
Create the resource
- Sign into your Indent Space.
- Go to your Resources.
- Click "New" and create a new Resource.
- Under resource kind, type in "customApp.v1.Role"
- Enter the name of your Custom App
- Enter the ID of your Custom App
- Add these labels to your resource:
githubRepo— path to the repo, e.g.
githubPath— path to the file, e.g.
role— Name of the role, e.g.
Create the ACL file
Create an ACL file in the GitHub Repo you want Indent to manage. Include each role as an entry in the file. Note, Indent can only manage roles inside the comment blocks in your ACL file.
Step 2: Deploy the change webhook
Download the example:
curl https://codeload.github.com/indentapis/examples/tar.gz/main | tar -xz --strip=3 examples-main/webhooks/change/terraform-aws-github-files-webhook
Follow the instructions in the
README to complete the deployment process then save the new webhook in your Indent Policies.
Step 3: Configure your Indent policies
- Open the "Access Request Rules" section and navigate to the rules for your new resource.
- Configure the approvers for granting access to Custom App roles.
Step 4: Make a test request
- Go to Request Access.
- Select your ACL Role from the dropdown and enter a reason for access.
- Once access is approved, check your GitHub Repo ACL file to confirm membership.
Congrats! You've just configured requesting and managing ACL File access with Indent.