GitHub Action for assuming an AWS IAM role via a GitHub OpenID Connect identity provider (OIDC).

flipgroup/action-aws-assume-role-oidc

Action AWS assume IAM role via OpenID Connect

GitHub Action for assuming an AWS IAM role via a GitHub OpenID Connect identity provider (OIDC).

Optionally a second target IAM role can be assumed from the first OIDC enabled role.

Usage

jobs:
  main:
    name: OpenID Connect (OIDC) IAM role
    runs-on: ubuntu-latest
    # note: permissions required to fetch OpenID Connect token and allow actions/checkout
    permissions:
      contents: read
      id-token: write
    steps:
      - name: Assume AWS IAM role
        uses: flipgroup/action-aws-assume-role-oidc@main
        with:
          # note: assume-role-arn is optional
          web-identity-role-arn: arn:aws:iam::ACCOUNT_ID:role/OIDC_TRUSTED_ROLE
          assume-role-arn: arn:aws:iam::ACCOUNT_ID:role/TARGET_ASSUME_ROLE
          aws-region: ap-southeast-2
      - name: whoami
        run: aws sts get-caller-identity
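
The workflow above only succeeds if the trust policy on `OIDC_TRUSTED_ROLE` accepts the GitHub token, and that policy is also where the role is scoped to a repository. The following is an added example, not part of this repository: a small audit of such a trust policy, run over constructed sample policies. The repository name `example-org/example-repo`, the helper names, and the audience `sts.amazonaws.com` are assumptions; use whichever audience the action actually requests.

```python
ISSUER = "token.actions.githubusercontent.com"  # GitHub's OIDC issuer host
REPO = "example-org/example-repo"               # constructed repository name

def claim_values(stmt, claim):
    """Values a statement requires for one token claim (positive string operators only)."""
    values = []
    for operator in ("StringEquals", "StringLike"):
        for key, val in stmt.get("Condition", {}).get(operator, {}).items():
            if key.lower() == f"{ISSUER}:{claim}":  # IAM condition keys are case-insensitive
                values += val if isinstance(val, list) else [val]
    return values

def audit_trust_policy(policy, repo, audience="sts.amazonaws.com"):
    """Return findings for statements that let GitHub OIDC tokens assume the role."""
    findings = []
    for stmt in policy["Statement"]:
        principal = stmt.get("Principal")
        fed = principal.get("Federated", []) if isinstance(principal, dict) else []
        fed = fed if isinstance(fed, list) else [fed]
        if stmt.get("Effect") != "Allow" or not any(f.endswith("oidc-provider/" + ISSUER) for f in fed):
            continue  # not a GitHub OIDC trust statement
        if audience not in claim_values(stmt, "aud"):
            findings.append("aud is not pinned to " + audience)
        subs = claim_values(stmt, "sub")
        if not subs:
            findings.append("no sub condition: role is not restricted to a repository")
        for sub in subs:
            if not sub.startswith(f"repo:{repo}:"):
                findings.append(f"sub pattern reaches beyond {repo}: {sub}")
    return findings

def make_policy(condition):
    """Build a constructed trust policy for the OIDC-trusted role with the given Condition."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": f"arn:aws:iam::ACCOUNT_ID:oidc-provider/{ISSUER}"},
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Condition": condition}]}

AUD = {f"{ISSUER}:aud": "sts.amazonaws.com"}
WEAK = make_policy({"StringEquals": AUD})  # audience only, no sub
BROAD = make_policy({"StringEquals": AUD, "StringLike": {f"{ISSUER}:sub": "repo:example-org/*"}})
HARDENED = make_policy({"StringEquals": {**AUD, f"{ISSUER}:sub": f"repo:{REPO}:ref:refs/heads/main"}})

if __name__ == "__main__":
    for name, policy in (("weak", WEAK), ("broad", BROAD), ("hardened", HARDENED)):
        print(name, audit_trust_policy(policy, REPO))
```

When `assume-role-arn` is set, the trust policy of `TARGET_ASSUME_ROLE` needs the same scrutiny: it should name only the OIDC-trusted role as its principal.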
