AWS-specific
Authenticating with OIDC on AWS
In order to set up OIDC simply swap the AWS Keys with assume role ARN and you are good to go. Here is an example, don’t forget to replace the line starting in ** with your own ARN for the account.
name: Digger Workflow
on:
workflow_dispatch:
inputs:
run_name:
required: false
spec:
required: true
run-name: '${{inputs.run_name}}'
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: write # required to merge PRs
id-token: write # required for workload-identity-federation
pull-requests: write # required to post PR comments
statuses: write # required to validate combined PR status
steps:
- name: digger run
uses: diggerhq/digger@vLatest
with:
digger-spec: ${{ inputs.spec }}
setup-aws: true
**aws-role-to-assume: arn:aws:iam::{AccountID}:role/{RoleName}**
aws-region: us-east-1
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}