Closed shahid23-dev closed 5 months ago
Did you create the identity provider in AWS? https://aws.amazon.com/blogs/security/use-iam-roles-to-connect-github-actions-to-actions-in-aws/
I also have the same issue. I've followed the full guide, step by step. The workflow is returning `Error: Could not assume role with OIDC: The requested DurationSeconds exceeds the MaxSessionDuration set for this role.`
Probably I've found out the issue @shahid23-dev. You must provide the same time, or below, the one configured inside `Maximum session duration` of your `Github Role`. For example if you have set `Maximum session duration = 1h`, you also need to specify in your github workflow `role-duration-seconds: 1200`
Thanks for reaching out and commenting here - @shahid23-dev does the suggestion in the above comment resolve your issue?
> Probably I've found out the issue @shahid23-dev. You must provide the same time, or below, the one configured inside `Maximum session duration` of your `Github Role`. For example if you have set `Maximum session duration = 1h`, you also need to specify in your github workflow `role-duration-seconds: 1200`
thanks dude. it helped
> Thanks for reaching out and commenting here - @shahid23-dev does the suggestion in the above comment resolve your issue?

Resolved, thanks :)
Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one.
Describe the bug
Error: Could not assume role with OIDC: No OpenIDConnect provider found in your account for https://token.actions.githubusercontent.com
Expected Behavior
Should be able to configure
Current Behavior
Error: Could not assume role with OIDC: No OpenIDConnect provider found in your account for https://token.actions.githubusercontent.com
Reproduction Steps
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Federated": "arn:aws:iam::***:oidc-provider/token.actions.githubusercontent.com/"
      },
      "Action": "sts:AssumeRoleWithWebIdentity",
      "Condition": {
        "StringEquals": {
          "token.actions.githubusercontent.com/:aud": "sts.amazonaws.com"
        },
        "StringLike": {
          "token.actions.githubusercontent.com/:sub": "repo:shahid23-dev/shahid-project:*"
        }
      }
    }
  ]
}
```
```yaml
# Sample workflow to access AWS resources when workflow is tied to branch
# The workflow Creates static website using aws s3
name: s3 workflow
on: push
env:
  BUCKET_NAME : "shahid-terraform-bucket"
  AWS_REGION : "us-east-1"
# permission can be added at job level or workflow level
permissions:
  id-token: write   # This is required for requesting the JWT
  contents: read    # This is required for actions/checkout
jobs:
  S3PackageUpload:
    runs-on: ubuntu-latest
    timeout-minutes: 15
    steps:
      # Upload a file to AWS s3
```
Possible Solution
No response
Additional Information/Context
No response
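An offline preflight for the two error messages quoted in this thread, added here as an example and not taken from the issue or from the action's code. It compares a role trust policy against the OIDC provider ARNs present in the account and the requested session duration against the role's maximum. The function name `preflight`, the account ID `123456789012` and the sample values are constructed.

```python
import json

# Issuer host taken from the error message quoted in this thread.
ISSUER_HOST = "token.actions.githubusercontent.com"

def preflight(trust_policy, provider_arns, max_session_duration, role_duration_seconds):
    """Return a list of findings; an empty list means no mismatch was detected."""
    findings = []
    for stmt in trust_policy.get("Statement", []):
        actions = stmt.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        if "sts:AssumeRoleWithWebIdentity" not in actions:
            continue
        federated = stmt.get("Principal", {}).get("Federated", "")
        # An IAM OIDC provider ARN ends in oidc-provider/<issuer URL without https://>.
        provider_path = federated.split(":oidc-provider/", 1)[-1]
        if provider_path != ISSUER_HOST:
            findings.append(f"principal names provider {provider_path!r}, issuer is {ISSUER_HOST!r}")
        if federated not in provider_arns:
            findings.append(f"no OIDC provider with ARN {federated} in the account")
        # Condition keys are written as <issuer host>:<claim>.
        for conditions in stmt.get("Condition", {}).values():
            for key in conditions:
                prefix, _, claim = key.rpartition(":")
                if claim in ("aud", "sub") and prefix != ISSUER_HOST:
                    findings.append(f"condition key {key!r} should be '{ISSUER_HOST}:{claim}'")
    if role_duration_seconds > max_session_duration:
        findings.append(f"role-duration-seconds {role_duration_seconds} exceeds "
                        f"MaxSessionDuration {max_session_duration}")
    return findings

# Constructed sample: the trust policy shape from this issue with a placeholder account ID.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [{
  "Effect": "Allow",
  "Principal": {"Federated":
    "arn:aws:iam::123456789012:oidc-provider/token.actions.githubusercontent.com/"},
  "Action": "sts:AssumeRoleWithWebIdentity",
  "Condition": {
    "StringEquals": {"token.actions.githubusercontent.com/:aud": "sts.amazonaws.com"},
    "StringLike": {"token.actions.githubusercontent.com/:sub":
                   "repo:shahid23-dev/shahid-project:*"}}}]}
""")
# Constructed sample: provider list as it would look when the provider exists without a slash.
SAMPLE_PROVIDERS = ["arn:aws:iam::123456789012:oidc-provider/token.actions.githubusercontent.com"]

if __name__ == "__main__":
    for finding in preflight(SAMPLE_POLICY, SAMPLE_PROVIDERS, 3600, 1200):
        print("FINDING:", finding)
```

In a real account the provider list and the role's maximum session duration would come from IAM rather than from the constants used here.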