Deploy an Architect project from GitHub Actions with keys gathered from aws-actions/configure-aws-credentials

Overview

Deploy an Architect project from GitHub Actions with keys gathered from a specific AWS IAM Role federated by an IAM OIDCProvider.

CloudFormation to create the GitHub OIDCProvider and an IAM Role:

Parameters:
  FullRepoName:
    Type: String
    Default: tbeseda/arc-gha-aws-oidc
Resources:
  Role:
    Type: 'AWS::IAM::Role'
    Properties:
      RoleName: github
      ManagedPolicyArns:
        - 'arn:aws:iam::aws:policy/AdministratorAccess'
      AssumeRolePolicyDocument:
        Statement:
          - Effect: Allow
            Action: 'sts:AssumeRoleWithWebIdentity'
            Principal:
              Federated: !Ref GithubOidc
            Condition:
              StringLike:
                'token.actions.githubusercontent.com:sub': !Sub 'repo:${FullRepoName}:*'
  GithubOidc:
    Type: 'AWS::IAM::OIDCProvider'
    Properties:
      Url: 'https://token.actions.githubusercontent.com'
      ThumbprintList:
        - 6938fd4d98bab03faadb97b34396831e3780aea1
      ClientIdList:
        - 'sts.amazonaws.com'
Outputs:
  Role:
    Value: !GetAtt Role.Arn

See .github/workflows/deploy.yml for usage.
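
The trust policy in the template above accepts every sub claim GitHub issues for the repository (repo:${FullRepoName}:*, which covers any branch, tag, pull request or environment) and the role carries AdministratorAccess. As an added example, not part of the original repository, here is the same template with the trust condition pinned to one branch and the token audience checked; the BranchName parameter is an assumption introduced here.

```yaml
# Added example: hardened variant of the template above (not the repo's own).
Parameters:
  FullRepoName:
    Type: String
    Default: tbeseda/arc-gha-aws-oidc
  BranchName: # assumption: the only branch allowed to deploy
    Type: String
    Default: main
Resources:
  Role:
    Type: 'AWS::IAM::Role'
    Properties:
      RoleName: github
      # Kept from the original. With AdministratorAccess attached, the trust
      # condition below is the only control on who gets admin in the account;
      # swap in a policy scoped to what the deploy needs where possible.
      ManagedPolicyArns:
        - 'arn:aws:iam::aws:policy/AdministratorAccess'
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Action: 'sts:AssumeRoleWithWebIdentity'
            Principal:
              Federated: !Ref GithubOidc
            Condition:
              # StringEquals instead of StringLike: exact match, no wildcards.
              StringEquals:
                # Token must have been requested for AWS STS (see ClientIdList).
                'token.actions.githubusercontent.com:aud': 'sts.amazonaws.com'
                # Only runs on this branch match; tags, pull requests and
                # other branches carry a different sub claim and are refused.
                'token.actions.githubusercontent.com:sub': !Sub 'repo:${FullRepoName}:ref:refs/heads/${BranchName}'
  GithubOidc:
    Type: 'AWS::IAM::OIDCProvider'
    Properties:
      Url: 'https://token.actions.githubusercontent.com'
      ThumbprintList:
        - 6938fd4d98bab03faadb97b34396831e3780aea1
      ClientIdList:
        - 'sts.amazonaws.com'
Outputs:
  Role:
    Value: !GetAtt Role.Arn
```

If the deploy job runs in a GitHub environment, the sub claim takes the form repo:OWNER/REPO:environment:NAME instead of the branch ref, and the condition has to match that value.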

Resources

Owner
Taylor Beseda