Support role assumption from long term creds

serverless / github-action

:zap::octocat: A Github Action for deploying with the Serverless Framework

Apache License 2.0

655 stars 168 forks source link

Support role assumption from long term creds #1

Open shortjared opened 5 years ago

shortjared commented 5 years ago

Instead of encouraging privileged long term creds, we should encourage long term creds with permissions only to assume an IAM role. Even better if we can restrict them to only GitHub action runner IP ranges.

nitrocode commented 7 months ago

I think this is supported. See https://github.com/serverless/github-action/issues/66#issuecomment-1316746468

ryanlawson commented 3 months ago

You can pass AWS_SECRET_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables with --use-local-credentials