Skip to content

Add role ARN as a secret

This section shows you how to set up the IAM role ARN as a secret in the GitHub environment you created earlier.

Step 1: Add the secret

Run these commands and paste the role ARN from the previous section of the guide when prompted.

export IAC_REPO="oslokommune/pirates-iac"
export IAC_ENV="pirates-dev-app-treasures"
gh secret set --repo "$IAC_REPO" --env "$IAC_ENV" AWS_ROLE_ARN
Example output
? Paste your secret ***
✓ Set Actions secret AWS_ROLE_ARN for oslokommune/pirates-iac

Go to your infrastructure repository and navigate to Settings > Environments. Choose the environment you created earlier and click on Add secret.

Name

AWS_ROLE_ARN

Value

The role ARN from the previous section of the guide.

Step 2: Verify that the workflow can run Terraform

Make a change to the Terraform code for your application and push it to the main branch. The workflow should now run and apply the changes to your infrastructure.

For example, add an environment variable by editing the file app-treasures/ecs_container_definition_main.tf.