Assume AWS IAM Roles using SAML.to in GitHub Actions

Related tags

Learning resource aws saml aws-iam assume-role assume github-actions scaffoldly saml-to
Overview

assume-aws-role-action

GitHub release (latest by date) GitHub issues GitHub Workflow Status Gitter

This action enables workflows to obtain AWS Access Credentials for a desired IAM Role using AWS IAM SAML and a GitHub Actions Repository Token.

Benefits:

  • No need to copy/paste AWS Access Tokens into GitHub Secrets
  • No need to rotate AWS Access Tokens

This action uses SAML.to and an AWS IAM Identity Provider to exchange a GitHub Actions Token for AWS Access Credentials.

This action will set the following environment variables:

  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_SESSION_TOKEN
  • AWS_DEFAULT_REGION

Usage

See action.yml

steps:
  - uses: saml-to/assume-aws-role-action@v1
    with:
      role: arn:aws:iam::123456789012:role/admin
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  - run: aws sts get-caller-identity
  - run: aws ec2 describe-instances

Examples

See aws-assume-role-action-examples

Configuration

  1. Download Your Metadata from SAML.to

  2. Create a new SAML Identity Provider in AWS IAM

    1. Provider Name: Repository Name (the name of the repository running the action)
    2. Metadata Document: Upload the Metadata Document from SAML.to
    3. Make note of the Provder ARN in the AWS console

  3. Create or update the Trust Relationship on a new or existing IAM Role to contain the following:

    {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Federated": "PROVIDER_ARN"
      },
      "Action": "sts:AssumeRoleWithSAML",
      "Condition": {
        "StringEquals": {
          "SAML:aud": "https://signin.aws.amazon.com/saml"
        }
      }
    }
  ]
}
    • Replace PROVIDER_ARN with the newly created ARN of the provider, e.g. arn:aws:iam::123456789012:saml-provider/my-repository
    • Make note of the Role ARN for this Role

  4. Add a new file named saml-to.yml to the repository that needs AWS Access Credentials during GitHub Actions:

    your-repository/saml-to.yml:

    ---
version: "20220101"
variables:
  awsProviderArn: "PROVIDER_ARN"
  awsRoleArn: "ROLE_ARN"
providers:
  aws:
    entityId: https://signin.aws.amazon.com/saml
    acsUrl: https://signin.aws.amazon.com/saml
    attributes:
      https://aws.amazon.com/SAML/Attributes/RoleSessionName: "<#= repo.name #>"
      https://aws.amazon.com/SAML/Attributes/SessionDuration: "3600"
      https://aws.amazon.com/SAML/Attributes/Role: "<#= repo.selectedRole #>,<$= awsProviderArn $>"
permissions:
  aws:
    roles:
      - name: <$= awsRoleArn $>
        self: true
    • Replace PROVIDER_ARN with the ARN of the provider created above (e.g. arn:aws:iam::123456689012:saml-provider/my-repository)
    • Replace ROLE_ARN with the ARN of the IAM Role modified above. (e.g. arn:aws:iam::123456689012:role/admin)

  5. Modify the GitHub Action Workflow to obtain AWS Access Credentials

    your-repository/.github/workflows/action-name.yml:

       jobs:
     prerelease:
       runs-on: ubuntu-latest
       steps:
         - uses: actions/checkout@v2
         ...
         - uses: saml-to/assume-aws-role@v1
           env:
             GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           with:
             role: "ROLE_ARN"
         ...
    • Replace ROLE_ARN with the ARN of the IAM Role modified above. (e.g. arn:aws:iam::123456689012:role/admin)

Inputs

role (Required)

The ARN of the role to assume. This Role ARN must also be defined in the saml-to.yml configuration file under permissions.

region (Optional)

The AWS Region to use. This will also be set as the AWS_DEFAULT_REGION environment variable and the region output.

Default: us-east-1

provider (Optional)

If there are multiple provider entries in the saml-to.yml configuration file, set a specific provider.

Note: If multiple providers are configured, and this is absent, the Action will fail.

Default: `` (Empty String)

Outputs

region

The AWS Region authenitcated with (default: us-east-1)

Can be modified with the region input.

This will also be set in the AWS_DEFAULT_REGION environment variable.

accountId

The AWS Account ID authenticated with (e.g. 123456789012)

userId

The ephemeral user ID (e.g. AROAYOAAAAAAAAAAAAAAA:my-repository)

roleArn

The ARN of the Role.

It will be identical to the role input.

assumedRoleArn

The effective ARN of the Assumed Role (e.g. arn:aws:sts::123456789012:assumed-role/admin/my-repository)

accessKeyId

The generated AWS Access Key ID.

This is also be set in the AWS_ACCESS_KEY_ID environment variable.

secretAccessKey

The generated AWS Secret Access Key.

This is also be set in the AWS_SECRET_ACCESS_KEY environment variable.

sessionToken

The generated AWS Session Toke.

This is also be set in the AWS_SESSION_TOKEN environment variable.

FAQs

See FAQs

Maintainers

Help & Support

License

Apache-2.0 License

You might also like...

Everynode allows you to run any version of Node.js in AWS Lambda, in any commercial AWS region

Everynode allows you to run any version of Node.js in AWS Lambda, in any commercial AWS region

Run Any Node.js Version in AWS Lambda Everynode allows you to run any version of Node.js in AWS Lambda, in any commercial AWS region. We add support f

Dec 15, 2022

A monorepo that uses the AWS Cloud Development Kit to deploy and configure nanomdm on AWS lambda.

NanoMDM on AWS This repo builds and configures a nanomdm server to run on AWS lambda. It uses the Cloud Development Kit and tries to follow best pract

May 26, 2022

a stack-separated way to bringing together common AWS services useful in a fullstack application that uses AWS Amplify libraries

Fullstack CDK Helpers This project helps developers create common AWS services that are useful in creating fullstack applications. Backend services ar

Nov 26, 2022

Lumos is an AWS Lambda visualizer and open source alternative to AWS CloudWatch.

Lumos is an AWS Lambda visualizer and open source alternative to AWS CloudWatch.

Lumos Lambda Metrics Visualizer Table of Contents About Lumos Techologies Used Getting Started Key Lambda Metrics How to Contribute License Contributo

Nov 5, 2022

An Amazon Kendra REST API CDK example with an API Gateway, including authentication with AWS Cognito and AWS X-Ray Tracing

An Amazon Kendra REST API CDK example with an API Gateway, including authentication with AWS Cognito and AWS X-Ray Tracing

Amazon Kendra Web Service CDK Sample Amazon Kendra has a robust JSON API for use with the AWS SDK (software development kit), but does not expose endp

Nov 28, 2022

Track Apple software update changes with Github Actions

What is this? This repo is scraping known Apple software update URLs and keeps the results in recursively sorted (and therefore diffable) JSON files.

Dec 8, 2022

Sample of CI/CD auto deploy to own server via Github Actions

Psst β€” looking for a more complete solution? Check out SvelteKit, the official framework for building web applications of all sizes, with a beautiful

Mar 19, 2022

GitHub Actions Tutorial

GitHub Actions Tutorial This is a brief intro of how to use GitHub Actions for a frontend (static S3) and a backend (lambda). If you want to learn mor

Mar 4, 2022

Fullstack Turborepo starter. Typescript, Nestjs, Nextjs, Tailwind, Prisma, Github Actions, Docker, And Reverse proxy configured

Turborepo (NestJS + Prisma + NextJS + Tailwind + Typescript + Jest) Starter This is fullstack turborepo starter. It comes with the following features.

Jan 9, 2023
Comments
  • Fix deprecation message for `set-output`

    Fix deprecation message for `set-output`

    Fix:

    The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
    opened by cnuss 0
  • build(deps): Bump follow-redirects from 1.14.6 to 1.15.2

    build(deps): Bump follow-redirects from 1.14.6 to 1.15.2

    Bumps follow-redirects from 1.14.6 to 1.15.2.

    Commits
    • 9655237 Release version 1.15.2 of the npm package.
    • 6e2b86d Default to localhost if no host given.
    • 449e895 Throw invalid URL error on relative URLs.
    • e30137c Use type functions.
    • 76ea31f ternary operator syntax fix
    • 84c00b0 HTTP header lines are separated by CRLF.
    • d28bcbf Create SECURITY.md (#202)
    • 62a551c Release version 1.15.1 of the npm package.
    • 7fe0779 Use for ... of.
    • 948c30c Fix redirecting to relative URL when using proxy
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • build(deps): Bump terser from 5.10.0 to 5.16.1

    build(deps): Bump terser from 5.10.0 to 5.16.1

    Bumps terser from 5.10.0 to 5.16.1.

    Changelog

    Sourced from terser's changelog.

    v5.16.1

    • Properly handle references in destructurings (const { [reference]: val } = ...)
    • Allow parsing of .#privatefield in nested classes
    • Do not evaluate operations that return large strings if that would make the output code larger
    • Make collapse_vars handle block scope correctly
    • Internal improvements: Typos (#1311), more tests, small-scale refactoring

    v5.16.0

    • Disallow private fields in object bodies (#1011)
    • Parse #privatefield in object (#1279)
    • Compress #privatefield in object

    v5.15.1

    • Fixed missing parentheses around optional chains
    • Avoid bare let or const as the bodies of if statements (#1253)
    • Small internal fixes (#1271)
    • Avoid inlining a class twice and creating two equivalent but !== classes.

    v5.15.0

    • Basic support for ES2022 class static initializer blocks.
    • Add AudioWorkletNode constructor options to domprops list (#1230)
    • Make identity function inliner not inline id(...expandedArgs)

    v5.14.2

    • Security fix for RegExps that should not be evaluated (regexp DDOS)
    • Source maps improvements (#1211)
    • Performance improvements in long property access evaluation (#1213)

    v5.14.1

    • keep_numbers option added to TypeScript defs (#1208)
    • Fixed parsing of nested template strings (#1204)

    v5.14.0

    • Switched to @​jridgewell/source-map for sourcemap generation (#1190, #1181)
    • Fixed source maps with non-terminated segments (#1106)
    • Enabled typescript types to be imported from the package (#1194)
    • Extra DOM props have been added (#1191)
    • Delete the AST while generating code, as a means to save RAM

    v5.13.1

    • Removed self-assignments (varname=varname) (closes #1081)
    • Separated inlining code (for inlining things into references, or removing IIFEs)
    • Allow multiple identifiers with the same name in var destructuring (eg var { a, a } = x) (#1176)

    v5.13.0

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • build(deps): Bump minimist from 1.2.5 to 1.2.7

    build(deps): Bump minimist from 1.2.5 to 1.2.7

    Bumps minimist from 1.2.5 to 1.2.7.

    Changelog

    Sourced from minimist's changelog.

    v1.2.7 - 2022-10-10

    Commits

    • [meta] add auto-changelog 0ebf4eb
    • [actions] add reusable workflows e115b63
    • [eslint] add eslint; rules to enable later are warnings f58745b
    • [Dev Deps] switch from covert to nyc ab03356
    • [readme] rename and add badges 236f4a0
    • [meta] create FUNDING.yml; add funding in package.json 783a49b
    • [meta] use npmignore to autogenerate an npmignore file f81ece6
    • Only apps should have lockfiles 56cad44
    • [Dev Deps] update covert, tape; remove unnecessary tap 49c5f9f
    • [Tests] add aud in posttest 228ae93
    • [meta] add safe-publish-latest 01fc23f
    • [meta] update repo URLs 6b164c7

    v1.2.6 - 2022-03-21

    Commits

    • test from prototype pollution PR bc8ecee
    • isConstructorOrProto adapted from PR c2b9819
    • security notice for additional prototype pollution issue ef88b93
    Commits
    • c590d75 v1.2.7
    • 0ebf4eb [meta] add auto-changelog
    • e115b63 [actions] add reusable workflows
    • 01fc23f [meta] add safe-publish-latest
    • f58745b [eslint] add eslint; rules to enable later are warnings
    • 228ae93 [Tests] add aud in posttest
    • 236f4a0 [readme] rename and add badges
    • ab03356 [Dev Deps] switch from covert to nyc
    • 49c5f9f [Dev Deps] update covert, tape; remove unnecessary tap
    • 783a49b [meta] create FUNDING.yml; add funding in package.json
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Releases(1.0.12)

  • 1.0.12(Dec 23, 2022)

  • 1.0.11(Nov 1, 2022)

    Release 1.0.11-4:

    Commits since 1.0.10:

    • 4b44793: Merge pull request #8 from saml-to/7-fix-deprecation-message-for-set-output (Christian Nuss) [compare]

    • 7b7ea95: πŸ€– CI: Prerelease: 1.0.11-3 (GitHub Action) [compare]

    • a57c0d1: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • 74a1950: more distinct role name (Christian Nuss) [compare]

    • 9f01bef: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • 17de853: assume multiaccount tests (Christian Nuss) [compare]

    • 0b24886: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • a0d64ce: use correct role name (Christian Nuss) [compare]

    • 92ded78: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • 0dbbd52: add tests using variables (Christian Nuss) [compare]

    Source code(tar.gz)
    Source code(zip)

  • 1.0.10(Sep 29, 2022)

    Release 1.0.10-0:

    Commits since 1.0.9:

    • 403385a: Merge pull request #6 from saml-to/5-set-awscredentials-and-awsconfig-instead-of-environment-variables (Christian Nuss) [compare]

    • 5274775: πŸ€– CI: Postrelease: 1.0.9 (GitHub Action) [compare]

    Source code(tar.gz)
    Source code(zip)

  • 1.0.9(Sep 27, 2022)

    Release 1.0.9-3:

    Commits since 1.0.8:

    • f6574c8: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • 970d1ef: update readme (Christian Nuss) [compare]

    • 6f93362: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • 153e8e6: disable test (Christian Nuss) [compare]

    • eec133a: update api and dist (Christian Nuss) [compare]

    • 711016b: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • dbebcf7: update dist (Christian Nuss) [compare]

    • ff3a5f2: add configPath (Christian Nuss) [compare]

    • 54e03da: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • 6f58305: update FAQs with screenshots (Christian Nuss) [compare]

    Source code(tar.gz)
    Source code(zip)

  • 1.0.8(Jul 17, 2022)

  • 1.0.7(Feb 18, 2022)

  • 1.0.6(Jan 28, 2022)

    Release 1.0.6-9:

    Commits since 1.0.5:

    • bbaac68: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • bab476d: attribute logging (Christian Nuss) [compare]

    • 34ddc2d: update attribute logging (Christian Nuss) [compare]

    • 39d3a99: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • 1b7249e: format attributes logging (Christian Nuss) [compare]

    • 07d20d6: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • e9975c4: formatting (Christian Nuss) [compare]

    • 84ad428: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • e4da415: log attributes (Christian Nuss) [compare]

    • ce43514: reminder to log attributes (Christian Nuss) [compare]

    • 067090f: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • 7f420d6: remove debug log (Christian Nuss) [compare]

    • eafb6dc: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • f189932: output the SAML attributes (Christian Nuss) [compare]

    • 31a9579: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • d340952: need help formatting + warn (Christian Nuss) [compare]

    • 16a97dd: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • 9f087cb: update help error (Christian Nuss) [compare]

    • cef46ae: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • 52554d8: warn message for centrally managed configuration (Christian Nuss) [compare]

    Source code(tar.gz)
    Source code(zip)

  • 1.0.5(Jan 19, 2022)

  • 1.0.4(Jan 18, 2022)

    Release 1.0.4-1:

    Commits since 1.0.3:

    • 4ef88cd: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • c0e5b55: update readme (Christian Nuss) [compare]

    • 63051dc: Merge branch 'main' of github.com:saml-to/assume-aws-role-action (Christian Nuss) [compare]

    • 9a9936e: update readme (Christian Nuss) [compare]

    Source code(tar.gz)
    Source code(zip)

  • 1.0.3(Jan 18, 2022)

  • 1.0.2(Jan 18, 2022)

  • 1.0.1(Jan 18, 2022)

    Release 1.0.1-13:

    Commits since 1.0.0:

    • e7bba1f: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 0f75664: Update readme (Christian Nuss) [compare]

    • 34a55e3: remove debug (Christian Nuss) [compare]

    • 39fb029: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 666fb5c: metadata download url (Christian Nuss) [compare]

    • 4080524: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • f7dff2c: print error again (Christian Nuss) [compare]

    • 40f9f39: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 91ed40c: generalized error (Christian Nuss) [compare]

    • 4b1a38e: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 6cb38fb: debug if there's a code (Christian Nuss) [compare]

    • 2714c37: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 2dbefea: errors are prettier (Christian Nuss) [compare]

    • 4fc1f01: fix imports (Christian Nuss) [compare]

    • ffddd05: ValidationError message (Christian Nuss) [compare]

    • f987455: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 8dc656d: just info (Christian Nuss) [compare]

    • 84a1245: log the error (Christian Nuss) [compare]

    • 31be8bd: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • c943f99: throw the error (Christian Nuss) [compare]

    • 37cee13: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 02989fc: update reference (Christian Nuss) [compare]

    • b1086ac: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • ab2db8b: update the code (Christian Nuss) [compare]

    • abad2be: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • f04fea1: debug the error (Christian Nuss) [compare]

    • d60fac4: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • d5b1e5c: setFailed before error (Christian Nuss) [compare]

    • 06d7de6: message for AuthSamlManifestNotFoundException (Christian Nuss) [compare]

    • b4bf866: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 213ee4b: update readme (Christian Nuss) [compare]

    Source code(tar.gz)
    Source code(zip)

  • 1.0.0(Jan 17, 2022)

    Release 1.0.0-21:

    Commits since 222b83cfbeb86ebd1ef3cd427b10dac957c7f534:

    • b5a704e: GITHUB_TOKEN as from env + README updates (Christian Nuss) [compare]

    • b4ed50d: πŸ€– CI: Prerelease: 1.0.0-20 (GitHub Action) [compare]

    • b31720f: Update services.json (Christian Nuss) [compare]

    • 39db29f: πŸ€– CI: Prerelease: 1.0.0-19 (GitHub Action) [compare]

    • 1757ccc: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • e95ccfa: update logging (Christian Nuss) [compare]

    • 1e37864: more outputs, custom region, error handling (Christian Nuss) [compare]

    • 15dee10: πŸ€– CI: Prerelease: 1.0.0-17 (GitHub Action) [compare]

    • 91fb27a: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 221aadc: better output (Christian Nuss) [compare]

    • 37d0ce6: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 60f9916: export variables (Christian Nuss) [compare]

    • dcac9b7: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • f52724f: use the secret access key (Christian Nuss) [compare]

    • cb4ed56: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • ad4134d: get caller identity output (Christian Nuss) [compare]

    • 0506690: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • e7aab70: remove debug logging (Christian Nuss) [compare]

    • b35357c: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 31c9140: debug response from backend (Christian Nuss) [compare]

    • df1d6a7: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 1c6cc45: hardcode to us-east-1 (Christian Nuss) [compare]

    • fe27240: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 03c58a6: re-throw error (Christian Nuss) [compare]

    • 4c6ca74: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • b1bb0aa: debugging (Christian Nuss) [compare]

    • ff47df7: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • d4630a0: debug responses (Christian Nuss) [compare]

    • 65fef4f: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • daa2f47: call aws assume (Christian Nuss) [compare]

    • 8788313: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 6db3746: provider is required (Christian Nuss) [compare]

    • bc17c81: change imports (Christian Nuss) [compare]

    • 17ca678: πŸ€– CI: Prerelease: 1.0.0-4 (GitHub Action) [compare]

    • 0f8cede: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • c4dc58d: regular deps (Christian Nuss) [compare]

    • 09378c9: actions/core to dev deps (Christian Nuss) [compare]

    • b5f51ce: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 3268289: peer deps (Christian Nuss) [compare]

    • cefaf9f: Merge branch 'main' of github.com:saml-to/assume-aws-role (Christian Nuss) [compare]

    • 17a036b: node 16 (Christian Nuss) [compare]

    • 62df38b: assume aws roles (Christian Nuss) [compare]

    Source code(tar.gz)
    Source code(zip)
Owner
null
GitHub
Deploy an Architect project from GitHub Actions with keys gathered from aws-actions/configure-aws-credentials

Deploy an Architect project from GitHub Actions with keys gathered from a specific AWS IAM Role federated by an IAM OIDCProvider. CloudFormation to cr

Taylor Beseda 4 Apr 6, 2022
Under the Sea is an official AWS workshop delivered by AWS SAs and AWS Partners to help customers and partners to learn about AIOps with serverless architectures on AWS.

Under the Sea - AIOps with Serverless Workshop Under the Sea is an exciting MMORPG developed by the famous entrepreneur behind Wild Rydes, the most po

AWS Samples 4 Nov 16, 2022
Learn Web 2.0 and Web 3.0 Development using Next.js, Typescript, AWS CDK, AWS Serverless, Ethereum and AWS Aurora Serverless

Learn Web 2.0 Cloud and Web 3.0 Development in Baby Steps In this course repo we will learn Web 2.0 cloud development using the latest state of the ar

Panacloud Multi-Cloud Internet-Scale Modern Global Apps 89 Jan 3, 2023
A robust, secure, and easily deployable image resizing service that resizes, optimizes, and caches images on "the edge," on the fly, built on AWS Serverless technologies. Served by CloudFront via an Origin Access Identity. Executed on Lambda@Edge. Backed by S3. Protected by AWS WAF. Provisioned via CloudFormation. Deployed by the AWS SAM CLI.

Image Flex A robust, secure, and easily deployable image resizing service that resizes, optimizes, and caches images on "the edge," on the fly, built

Horace Nelson 89 Dec 20, 2022
MerLoc is a live AWS Lambda function development and debugging tool. MerLoc allows you to run AWS Lambda functions on your local while they are still part of a flow in the AWS cloud remote.

MerLoc MerLoc is a live AWS Lambda function development and debugging tool. MerLoc allows you to run AWS Lambda functions on your local while they are

Thundra 165 Dec 21, 2022
AWS Lambda & Serverless - Developer Guide with Hands-on Labs. Develop thousands line of aws lambda functions interact to aws serverless services with real-world hands-on labs

AWS Lambda & Serverless - Developer Guide with Hands-on Labs UDEMY COURSE WITH DISCOUNTED - Step by Step Development of this Repository -> https://www

awsrun 35 Dec 17, 2022
Create a badge using GitHub Actions and GitHub Workflow CPU time

Generated Badges Create a badge using GitHub Actions and GitHub Workflow CPU time (no 3rd parties servers) Install $ npm i generated-badges -g Command

ε°εΌŸθ°ƒθ°ƒβ„’ 9 Dec 30, 2022
A Docusaurus website deployed to GitHub Pages using GitHub Actions.

Deploy Docusaurus website to GitHub Pages using GitHub Actions This repository is an example of deploying a Docusaurus website to GitHub Pages using G

Lars Gyrup Brink Nielsen 18 Dec 26, 2022
Powercord plugin to make "divider" roles into actual dividers

Powecord Role Dividers Install in Replugged Turns "divider" roles into actual dividers. Before: After: A divider role I have is not being shown as a d

Albert Portnoy 7 Dec 28, 2022
A serverless AWS expense tracker API. AWS Lambda functions, API gateway, and Dynamodb are among the ingredients.

AWS-Serverless-API A serverless AWS expense tracker API. AWS Lambda functions API gateway Dynamodb Endpoints Create a new expense: Method: POST Body f

Ondiek Elijah Ochieng 1 Jul 16, 2022