From 48f10a4e8cdcf876ad78834c76a6a8b4c7fd5266 Mon Sep 17 00:00:00 2001
From: James Shaw <js102@zepler.net>
Date: Sat, 14 Oct 2023 20:02:15 +0100
Subject: [PATCH] feat: improve docs

---
 src/oidc-provider.ts | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/oidc-provider.ts b/src/oidc-provider.ts
index 08e2e66d..fc3c4b5d 100644
--- a/src/oidc-provider.ts
+++ b/src/oidc-provider.ts
@@ -20,14 +20,17 @@ export interface GitHubActionRoleProps {
    * A list of GitHub repositories you want to be able to access the IAM role.
    * Each entry should be your GitHub username and repository passed in as a
    * single string.
+   * An entry `owner/repo` is equivalent to the subjectClaim `repo:owner/repo:*`.
    *
    * For example, `['owner/repo1', 'owner/repo2'].
    */
   readonly repos?: string[];
 
   /**
-   * A list of subject claims.
+   * A list of subject claims allowed to access the IAM role.
    * See https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect
+   * A subject claim can include `*` and `?` wildcards according to the `StringLike`
+   * condition operator.
    *
    * For example, `['repo:owner/repo1:ref:refs/heads/branch1', 'repo:owner/repo1:environment:prod']`
    */