Skip to content

clockwork-marketing-uk/actions-aws-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
.github/workflows
.github/workflows
 
 
.gitignore
.gitignore
 
 
CHANGELOG.md
CHANGELOG.md
 
 
README.md
README.md
 
 
action.yaml
action.yaml
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

AWS Auth Action

Authorize using the GitHub OIDC to AWS

Installation

The AWS account being used will need to have the following setup in AWS

IAM - Identity provider

Provider: token.actions.githubusercontent.com

Audience: sts.amazonaws.com

IAM - Roles

plan with ReadOnlyAccess

apply with AdministratorAccess

Any roles will need to have a trusted entity of the Identity Provider set

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Federated": "arn:aws:iam::{AWS_ACCOUNT_NUMBER}:oidc-provider/token.actions.githubusercontent.com"
            },
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": {
                "StringEquals": {
                    "token.actions.githubusercontent.com:aud": "sts.amazonaws.com"
                },
                "StringLike": {
                    "token.actions.githubusercontent.com:sub": "repo:{GITHUB_ORG_NAME}/*:*"
                }
            }
        }
    ]
}

Usage

    - name: Authorize
      uses: clockwork-marketing-uk/actions-aws-auth@2.0.1
      with:
        region: ${{env.AWS_DEFAULT_REGION}}
        account_id: ${{env.AWS_ACCOUNT_ID}}
        role: ${{env.ROLE_NAME}}

About

GitHub Action for authentication to AWS

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

2.0.1 Latest
Jan 26, 2024
+ 1 release

Packages

No packages published

Contributors 2

  •  
  •