gh-actions-repo
Repo for testing Github Actions for deploying resources in AWS
Trust relationship policy for IAM role
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Federated": "arn:aws:iam::123456123456:oidc-provider/token.actions.githubusercontent.com"
},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringLike": {
"token.actions.githubusercontent.com:aud": "sts.amazonaws.com",
"token.actions.githubusercontent.com:sub": "repo:0ni0nrings/gh-actions-repo:*"
}
}
}
]
}
For instructions on creating OIDC role, click here