Zero-Secret CI/CD: GitHub Actions + OIDC on AWS (Part 6)
The article discusses the implementation of Zero-Secret CI/CD using GitHub Actions and OIDC on AWS. It emphasizes the benefits of eliminating long-lived credentials in favor of short-lived tokens for enhanced security. The post details the setup process for establishing trust between GitHub and AWS for secure deployments.
- The traditional method of storing AWS credentials in GitHub secrets poses security risks.
- OIDC federation allows GitHub Actions to assume an IAM role using short-lived signed tokens.
- The article outlines the steps to set up trust between GitHub's OIDC provider and AWS.
Josh Blair. Posted on May 21. #cicd #github #devops #aws
Part of the series Building Sift: A Multi-Tenant AI Platform on AWS (6 Part Series).
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).