search

serverless / github-action

:zap::octocat: A Github Action for deploying with the Serverless Framework
Apache License 2.0
662 stars 173 forks source link

Use aws credentials from aws-actions/configure-aws-credentials@v1 #66

Open nnuguid-locii opened 2 years ago

nnuguid-locii commented 2 years ago

i need to assume a role in order to deploy. aws-actions has a way to this. is there a way for the serverless/githhub-action to use those credentials?

Pudding124 commented 2 years ago

The issue still open, so we can use the assume role to build serverless ? such as the configure-aws-credentials:

- name: Configure AWS credentials
  uses: aws-actions/configure-aws-credentials@v1
  with:
     role-session-name: assume_role
     role-to-assume: ${{ secrets.IAM_ROLE }}
     aws-region: us-east-1
dan-newscorp commented 1 year ago

+1

gm-mmurillo commented 1 year ago

+1

dfelsman-ta commented 1 year ago

+1

nitrocode commented 10 months ago

Has anyone able to get this work using the latest https://github.com/aws-actions/configure-aws-credentials ?

I imagine it's the same setup as @Pudding124 mentioned above https://github.com/serverless/github-action/issues/66#issuecomment-1316746468

ryanlawson commented 6 months ago

The configure-aws-credentials action has the following outputs:

You can pass them into the Serverless action as environment variables.

For example:

- name: Configure AWS credentials
  uses: aws-actions/configure-aws-credentials@v1
  id: credentials # note `id` needs to be set
  with:
     role-session-name: assume_role
     role-to-assume: ${{ secrets.IAM_ROLE }}
     aws-region: us-east-1

- name: serverless deploy
  uses: serverless/github-action@v3.2
  with:
    args: deploy --use-local-credentials
  env:
    AWS_ACCESS_KEY_ID: ${{ steps.credentials.outputs.aws-access-key-id }}
    AWS_SECRET_ACCESS_KEY: ${{ steps.credentials.outputs.aws-secret-access-key }}