1 Answer
- Newest
- Most votes
- Most comments
3
AWS does not provide the capability to assume a role from ANY GitHub organization. Even if you create a trusted policy like this:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Federated": "arn:aws:iam::50********80:oidc-provider/token.actions.githubusercontent.com"
},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringEquals": {
"token.actions.githubusercontent.com:sub": "repo:*",
"token.actions.githubusercontent.com:aud": "sts.amazonaws.com"
}
}
}
]
}
GitHub workflow will not be able to assume such a role.
You can create a Free GitHub organization and use it
Relevant content
- asked 2 years ago
- Accepted Answerasked a year ago
- How do I provide cluster access to other IAM users and roles after I create a cluster in Amazon EKS?AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 months ago
Please accept the answer if it was useful for you