1回答
- 新しい順
- 投票が多い順
- コメントが多い順
2
AWS does not provide the capability to assume a role from ANY GitHub organization. Even if you create a trusted policy like this:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Federated": "arn:aws:iam::50********80:oidc-provider/token.actions.githubusercontent.com"
},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringEquals": {
"token.actions.githubusercontent.com:sub": "repo:*",
"token.actions.githubusercontent.com:aud": "sts.amazonaws.com"
}
}
}
]
}
GitHub workflow will not be able to assume such a role.
You can create a Free GitHub organization and use it
関連するコンテンツ
- AWS公式更新しました 1年前