Connect: GitHub to AWS IAM
Add a saml-to.yml to GitHub
Target: Repository: saml-to
We will create this repository.
The saml-to.yml file is your Provider Configuration and Access Control Lists. Our GitHub App will read saml-to.yml and will exchange GitHub (User or Repo) Tokens for short-lived AWS IAM Access Tokens.
saml-to.yml:
---
# Config Reference:
# https://docs.saml.to/configuration/reference
version: '20220101'
providers:
  aws:
permissions:
  aws:
    roles:
      - name:   # Choose an IAM Role
        users:  # Grant to a GitHub User
        repos:  # Grant to a GitHub Repo
        teams:  # Grant to a GitHub Team [Premium]
Additional AWS Accounts and IAM Roles can be added later.
🛠 Installation Progress
SAML.to GitHub App installed
SAML.to added as an AWS Identity Provider
IAM Role Trust Relationship added
Access granted to GitHub Users (Optional)
Access granted to GitHub Repositories (Optional)
Access granted to GitHub Teams (Optional)
saml-to.yml committed
🕵️ Assuming Roles
As a GitHub User
Run in the terminal:
saml-to assume the-role-name