2 Matching Annotations
  1. Jan 2023
    1. You can create and manage an IAM OIDC identity provider using the AWS Management Console, the AWS Command Line Interface, the Tools for Windows PowerShell, or the IAM API.
    1. To align with the Amazon IAM best practice of granting least privilege, the assume role policy document should contain a Condition that specifies a subject allowed to assume the role. Without a subject condition, any GitHub user or repository could potentially assume the role. The subject can be scoped to a GitHub organization and repository as shown in the CloudFormation template.

      Set a Condition to scope the assumed role to a GitHub repository or organization.
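
One way to check a role's trust policy for the missing subject condition described in the annotation above. This is an added example, not code from AWS or from the annotated page. The function names, the sample policies, the account ID `111122223333` and `example-org/example-repo` are constructed placeholders, and the check assumes GitHub's default subject format `repo:ORG/REPO:...`.

```python
GITHUB_OIDC_HOST = "token.actions.githubusercontent.com"
SUB_KEY = GITHUB_OIDC_HOST + ":sub"
POSITIVE_OPS = ("stringequals", "stringlike")  # IfExists/negated forms do not count

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _sub_patterns(condition):
    """Values compared against the :sub claim by a positive string operator."""
    patterns = []
    for operator, keys in condition.items():
        base = operator.lower().split(":")[-1]  # drop ForAnyValue:/ForAllValues:
        if base in POSITIVE_OPS:
            for key, value in keys.items():
                if key.lower() == SUB_KEY:
                    patterns.extend(_as_list(value))
    return patterns

def _is_scoped(pattern):
    """True when the pattern pins a literal organization (assumes repo:ORG/...)."""
    org = pattern[len("repo:"):].split("/", 1)[0]
    return pattern.startswith("repo:") and bool(org) and "*" not in org and "?" not in org

def audit_trust_policy(policy):
    """Return (statement_index, finding) pairs for GitHub OIDC Allow statements."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        principal = stmt.get("Principal", {})
        federated = _as_list(principal.get("Federated", [])) if isinstance(principal, dict) else []
        if stmt.get("Effect") != "Allow" or not any(
                str(p).endswith("oidc-provider/" + GITHUB_OIDC_HOST) for p in federated):
            continue
        patterns = _sub_patterns(stmt.get("Condition", {}))
        if not patterns:
            findings.append((i, "no condition on " + SUB_KEY))
        findings += [(i, "subject pattern too broad: " + p) for p in patterns if not _is_scoped(p)]
    return findings

def _policy(condition):  # constructed sample; account ID and names are placeholders
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": "sts:AssumeRoleWithWebIdentity",
        "Principal": {"Federated": "arn:aws:iam::111122223333:oidc-provider/" + GITHUB_OIDC_HOST},
        "Condition": condition}]}

AUD = {GITHUB_OIDC_HOST + ":aud": "sts.amazonaws.com"}
WEAK = _policy({"StringEquals": AUD})  # audience only: no subject restriction
WILDCARD = _policy({"StringEquals": AUD, "StringLike": {SUB_KEY: "repo:*"}})
SCOPED = _policy({"StringEquals": AUD, "StringLike": {SUB_KEY: "repo:example-org/example-repo:*"}})
```

`audit_trust_policy` takes the parsed trust policy document (for example the `AssumeRolePolicyDocument` of a role) and returns an empty list only when every GitHub OIDC statement pins at least an organization in its subject condition.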