
Enable OIDC

Before you can push a container image or dispatch an image tag, an OIDC provider must be created. This provider is used when creating the IAM roles for the GitHub Actions workflows.

You can read more about the OIDC provider in the AWS and GitHub documentation.

Step 1: Enable OIDC provider

The OIDC provider is configured in the iam stack that was created in a previous section.

Enable the GithubIdentityProvider:

repo-iac/environments/dev/_config/iam.yml
StackName: "iam"
MaskinportenKeyRotation:
  Enable: false
GithubIdentityProvider:
- Enable: false
+ Enable: true

Then follow the steps in the setup IAM guide to fetch the IAM template, apply the stack and verify the provider.

Commit your files

At this stage it is a good idea to commit your files.

Next step

Push container image to ECR.