Enable OIDC
Before you can push a container image or dispatch an image tag, an OIDC provider must be created. This provider is used when creating the IAM roles for the GitHub Actions workflows.
You can read more about the OIDC provider in the AWS and GitHub documentation.
Step 1: Enable OIDC provider
The OIDC provider is configured in the iam stack that was created in a previous section.
Enable the GithubIdentityProvider:
repo-iac/environments/dev/_config/iam.yml
StackName: "iam"
MaskinportenKeyRotation:
Enable: false
GithubIdentityProvider:
- Enable: false
+ Enable: true
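Review bot: MaskinportenKeyRotation and GithubIdentityProvider each carry an Enable key, and the snippet shows both without indentation, so it is easy to flip the wrong one. In iam.yml, change only the Enable nested under GithubIdentityProvider and leave the one under MaskinportenKeyRotation as Enable: false.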
Then follow the steps in the setup IAM guide to fetch the IAM template, apply the stack and verify the provider.
Commit your files
At this stage it is a good idea to commit your files.
Next step
Push container image to ECR.