-
Notifications
You must be signed in to change notification settings - Fork 0
/
action.yaml
41 lines (39 loc) · 1.46 KB
/
action.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
name: AWS IAM assume role
author: Peter Mescalchin
description: Assume an AWS IAM role - either via an IAM user or OpenID Connect (OIDC).
inputs:
user-access-key-id:
description: IAM user Access Key ID.
default:
user-secret-access-key:
description: IAM user Secret Access Key.
default:
web-identity-role-arn:
description: Authenticate via GitHub Actions OpenID Connect target IAM role ARN.
default:
assume-role-arn:
description: Target IAM role ARN to assume.
default:
assume-role-duration-seconds:
description: Assumed IAM role session duration.
default: 3600
assume-role-session-name:
description: Assumed IAM role session name.
default: github-actions
aws-region:
description: Desired AWS region (e.g. `ap-southeast-2`). Sets the AWS_REGION environment variable.
required: true
runs:
using: composite
steps:
- name: Execute
run: |
INPUT_USER_ACCESS_KEY_ID="${{ inputs.user-access-key-id }}" \
INPUT_USER_SECRET_ACCESS_KEY="${{ inputs.user-secret-access-key }}" \
INPUT_WEB_IDENTITY_ROLE_ARN="${{ inputs.web-identity-role-arn }}" \
INPUT_ASSUME_ROLE_ARN="${{ inputs.assume-role-arn }}" \
INPUT_ASSUME_ROLE_DURATION_SECONDS="${{ inputs.assume-role-duration-seconds }}" \
INPUT_ASSUME_ROLE_SESSION_NAME="${{ inputs.assume-role-session-name }}" \
INPUT_AWS_REGION="${{ inputs.aws-region }}" \
"${{ github.action_path }}/main.py"
shell: bash