Skip to content
/ platform-terraform-module-github-oidc-aws-role Public

Terraform module for creating IAM roles for GitHub OIDC authentication with AWS

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

resizes/platform-terraform-module-github-oidc-aws-role

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
README.md
README.md
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 

Repository files navigation

Terraform Module for GitHub OIDC AWS Role

Terraform module for creating GitHub OIDC role for AWS. This module will create the following resources:

  • IAM Role
  • IAM Policy
  • IAM Policy Attachment

This module is designed to authenticate GitHub Actions with AWS using OIDC. The role created by this module can be assumed by GitHub Actions to perform actions on AWS.

Pre-requisites

You need to have the following resources created before using this module:

data "tls_certificate" "github" {
  url = "tls://token.actions.githubusercontent.com:443"
}

resource "aws_iam_openid_connect_provider" "github" {
  url             = "https://token.actions.githubusercontent.com"
  client_id_list  = ["sts.amazonaws.com"]
  thumbprint_list = [data.tls_certificate.github.certificates[0].sha1_fingerprint]
}

Usage

module "github-oidc-aws-role" {
  source            = "github.com/resizes/platform-terraform-module-github-oidc-aws-role?ref=main"
  name              = ${ROLE_NAME}
  org_name          = ${ORG_NAME}
  condition_test    = ${CONDITION_TEST}
  actions = [ ${ALLOWED_ACTIONS} ]
  assume_role_policy_condition_values = [
    "repo:${ORG_NAME}/${REPO}:ref:refs/heads/${BRANCH}",
    "repo:${ORG_NAME}/${REPO}:ref:refs/tags/${TAG}"
  ]
}

References

About

Terraform module for creating IAM roles for GitHub OIDC authentication with AWS

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages