aws-actions/configure-aws-credentials
1
0
Fork 0
mirror of https://github.com/aws-actions/configure-aws-credentials.git synced 2026-03-12 18:07:10 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
v2.2.0
configure-aws-credentials/action.yml
Dimitar d00f6c6f41 Allow inline session policies for assuming role (#739) 
* Allow to pass inline session policy as a parameter

Update the action file

Regenerate the dist/ content

Add test

* Fix typos

* Fix stylistic error

* Move the inline policy logic to allow assumeRole to use it as well; Update and add tests

* Add an option for managed policies

* Regenerate the dist/ files

* Use multiline input for managed policies

* Update readme

* Update readme

---------

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2023-06-14 21:43:04 +00:00

77 lines
2.8 KiB
YAML
Raw Permalink Blame History

name: 'Configure AWS Credentials For GitHub Actions'
description: 'Configure AWS credential and region environment variables for use with the AWS CLI and AWS SDKs'
branding:
icon: 'cloud'
color: 'orange'
inputs:
audience:
default: 'sts.amazonaws.com'
description: 'The audience to use for the OIDC provider'
required: false
aws-access-key-id:
description: >-
AWS Access Key ID. This input is required if running in the GitHub hosted environment.
It is optional if running in a self-hosted environment that already has AWS credentials,
for example on an EC2 instance.
required: false
aws-secret-access-key:
description: >-
AWS Secret Access Key. This input is required if running in the GitHub hosted environment.
It is optional if running in a self-hosted environment that already has AWS credentials,
for example on an EC2 instance.
required: false
aws-session-token:
description: 'AWS Session Token'
required: false
aws-region:
description: 'AWS Region, e.g. us-east-2'
required: true
mask-aws-account-id:
description: >-
Whether to set the AWS account ID for these credentials as a secret value,
so that it is masked in logs. Valid values are 'true' and 'false'.
Defaults to true
required: false
role-to-assume:
description: >-
Use the provided credentials to assume an IAM role and configure the Actions
environment with the assumed role credentials rather than with the provided
credentials
required: false
web-identity-token-file:
description: >-
Use the web identity token file from the provided file system path in order to
assume an IAM role using a web identity. E.g., from within an Amazon EKS worker node
required: false
role-duration-seconds:
description: "Role duration in seconds (default: 6 hours, 1 hour for OIDC/specified aws-session-token)"
required: false
role-session-name:
description: 'Role session name (default: GitHubActions)'
required: false
role-external-id:
description: 'The external ID of the role to assume'
required: false
role-skip-session-tagging:
description: 'Skip session tagging during role assumption'
required: false
http-proxy:
description: 'Proxy to use for the AWS SDK agent'
required: false
role-chaining:
description: 'Use existing credentials from the environment to assume a new role'
required: false
inline-session-policy:
description: 'Inline session policy'
required: false
managed-session-policies:
description: 'List of managed session policies'
required: false
outputs:
aws-account-id:
description: 'The AWS account ID for the provided credentials'
runs:
using: 'node16'
main: 'dist/index.js'
post: 'dist/cleanup/index.js'
Reference in New Issue View Git Blame Copy Permalink