30 lines
1.1 KiB
YAML
30 lines
1.1 KiB
YAML
name: aws-configure
|
|
description: Authenticate with AWS via OIDC and export credentials to the environment.
|
|
|
|
inputs:
|
|
role-arn:
|
|
description: Full IAM role ARN to assume via OIDC
|
|
required: true
|
|
region:
|
|
description: AWS region
|
|
required: false
|
|
default: eu-central-1
|
|
aws-access-key-id:
|
|
description: AWS access key to use. Only required for some authentication types.
|
|
required: false
|
|
aws-secret-access-key:
|
|
description: AWS secret key to use. Only required for some authentication types.
|
|
required: false
|
|
|
|
runs:
|
|
using: composite
|
|
steps:
|
|
# Pinned to commit SHA instead of a tag to prevent supply chain attacks.
|
|
# aws-actions/configure-aws-credentials v6.1.0 — https://code.forgejo.org/aws-actions/configure-aws-credentials/commits/tag/v6
|
|
- name: Configure AWS credentials
|
|
uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37
|
|
with:
|
|
role-to-assume: ${{ inputs.role-arn }}
|
|
aws-region: ${{ inputs.region }}
|
|
aws-access-key-id: ${{ inputs.aws-access-key-id }}
|
|
aws-secret-access-key: ${{ inputs.aws-secret-access-key }}
|