Usage in GitHub Actions
This page covers the minimum workflow configuration to use the OIDC role from infra/identity/.
Required Workflow Permissions
permissions:
  id-token: write
  contents: read
Configure AWS Credentials
Get role ARN:
terraform -chdir=infra/identity output role_arn
Use it in workflow:
- name: Configure AWS credentials
  uses: aws-actions/configure-aws-credentials@v6
  with:
    role-to-assume: <role_arn>
    aws-region: ap-south-1
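
A check that can run in a step after the credentials step, as an added example that is not part of this repository's workflow: it confirms that the identity the job ends up with is a session of the role printed by `terraform output role_arn`. The function names are hypothetical, and the comparison ignores the IAM path because STS leaves it out of assumed-role ARNs.

```shell
# Added example (not from this repository). POSIX sh; function names are hypothetical.

# iam_role_key ARN
# For arn:<partition>:iam::<account>:role/<optional/path/><name>
# prints "<partition>:<account>:<name>". Fails on any other ARN shape.
iam_role_key() (
  set -f; IFS=:
  set -- $1
  [ $# -eq 6 ] && [ "$1" = arn ] && [ "$3" = iam ] || exit 1
  case "$6" in role/?*) ;; *) exit 1 ;; esac
  name=${6##*/}                      # drop "role/" and any path prefix
  [ -n "$name" ] || exit 1
  printf '%s:%s:%s\n' "$2" "$5" "$name"
)

# sts_role_key ARN
# For arn:<partition>:sts::<account>:assumed-role/<name>/<session>
# prints "<partition>:<account>:<name>". Fails for users, root, and so on.
sts_role_key() (
  set -f; IFS=:
  set -- $1
  [ $# -eq 6 ] && [ "$1" = arn ] && [ "$3" = sts ] || exit 1
  IFS=/
  set -- "$2" "$5" $6                # split the resource part on "/"
  [ $# -eq 5 ] && [ "$3" = assumed-role ] && [ -n "$4" ] && [ -n "$5" ] || exit 1
  printf '%s:%s:%s\n' "$1" "$2" "$4"
)

# caller_is_expected_role ROLE_ARN CALLER_ARN
# Returns 0 when CALLER_ARN is a session of ROLE_ARN, 1 when it is not,
# and 2 when ROLE_ARN itself is not a valid IAM role ARN.
caller_is_expected_role() {
  _expected=$(iam_role_key "$1") || return 2
  _actual=$(sts_role_key "$2") || return 1
  [ "$_expected" = "$_actual" ]
}

# In a workflow step (ROLE_ARN holds the terraform output value):
#   caller_is_expected_role "$ROLE_ARN" \
#     "$(aws sts get-caller-identity --query Arn --output text)" || exit 1
```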
Repository Example
See .github/workflows/oidc-test.yml.