GitHub Actions AWS authentication
https://aws.amazon.com/ko/blogs/security/use-iam-roles-to-connect-github-actions-to-actions-in-aws/
Use IAM roles to connect GitHub Actions to actions in AWS | Amazon Web Services
May 22, 2023: We updated the post to reflect case sensitivity in the IDP entered: https://token.actions.githubusercontent.com. The IDP created in this post should be entered in lowercase through the post.
In addition, to connect to ECR, add the ECR task policy to that role (the Principal element is not required):
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowPushPull",
      "Effect": "Allow",
      "Principal": {
        "AWS": [
          "arn:aws:iam::account-id:user/push-pull-user-1",
          "arn:aws:iam::account-id:user/push-pull-user-2"
        ]
      },
      "Action": [
        "ecr:BatchGetImage",
        "ecr:BatchCheckLayerAvailability",
        "ecr:CompleteLayerUpload",
        "ecr:GetDownloadUrlForLayer",
        "ecr:InitiateLayerUpload",
        "ecr:PutImage",
        "ecr:UploadLayerPart"
      ]
    }
  ]
}
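A check to run on the policy above before attaching it to the role that GitHub Actions assumes, as an added example that is not part of the original post. It relies on three IAM rules: an identity-based policy takes no Principal, every statement needs a Resource, and ecr:GetAuthorizationToken (used for registry login) only works with Resource "*". The region, account ID and repository name are placeholders, and the helper names are hypothetical.

```python
# Added example (not from the original post). REGION, ACCOUNT_ID and REPO_NAME
# are placeholders; lint_role_policy is a hypothetical helper name.
REPO_ARN = "arn:aws:ecr:REGION:ACCOUNT_ID:repository/REPO_NAME"
PUSH_PULL = [
    "ecr:BatchGetImage", "ecr:BatchCheckLayerAvailability",
    "ecr:CompleteLayerUpload", "ecr:GetDownloadUrlForLayer",
    "ecr:InitiateLayerUpload", "ecr:PutImage", "ecr:UploadLayerPart",
]

def as_list(value):
    return value if isinstance(value, list) else [value]

def lint_role_policy(policy):
    """Return findings for an ECR policy meant to be attached to an IAM role."""
    findings, has_token = [], False
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        actions = as_list(stmt.get("Action", []))
        resources = as_list(stmt.get("Resource", []))
        if "Principal" in stmt:
            findings.append(f"{sid}: Principal is not allowed in an identity-based policy")
        if not resources:
            findings.append(f"{sid}: Resource is required in an identity-based policy")
        if "ecr:GetAuthorizationToken" in actions:
            if resources == ["*"]:
                has_token = True
            else:
                findings.append(f"{sid}: ecr:GetAuthorizationToken needs Resource '*'")
        if "*" in resources and any(a in PUSH_PULL for a in actions):
            findings.append(f"{sid}: push/pull actions apply to every repository")
    if not has_token:
        findings.append("policy: ecr:GetAuthorizationToken on '*' is missing (registry login)")
    return findings

# The statement from the post as written (it has the shape of a repository policy).
PAGE_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "AllowPushPull", "Effect": "Allow",
    "Principal": {"AWS": ["arn:aws:iam::account-id:user/push-pull-user-1",
                          "arn:aws:iam::account-id:user/push-pull-user-2"]},
    "Action": PUSH_PULL}]}

# Constructed role-attached form granting the same push/pull actions.
ROLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "EcrLogin", "Effect": "Allow",
     "Action": "ecr:GetAuthorizationToken", "Resource": "*"},
    {"Sid": "AllowPushPull", "Effect": "Allow",
     "Action": PUSH_PULL, "Resource": REPO_ARN}]}
```

Calling lint_role_policy(PAGE_POLICY) returns three findings (Principal present, Resource missing, no login permission), while ROLE_POLICY returns an empty list.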