menu

Top Categories

Spotlight

stressed person on laptop

todayMay 14, 2022

Culture Jake

Tips for managing a team’s stress

As a leader, it can be tempting to push your team to get the most out of them and to get results. People don’t like like saying no and often just want to be helpful and give it their all. Many people will even offer to do things like take [...]


Setting up Github Actions with AWS using CloudFormation

secure development + cloud Jake todayJanuary 25, 2022 24

Background
share close

I recently helped a client migrate their Devops Pipelines to Github Actions. One of the nice features about GH is that its relatively easy to setup and use an identity provider that will allow Github to do what it needs without having to store credentials. I found some great resources online for how to do this, including this one for terraform. In my case I needed to write one using CloudFormation. Thought I’d share:

The above contains a sample CFN doc for creating the Identity Provider and a sample role that allows access to ECR. The condition in the IAM policy restricts its usage to a specific repo so that other arbitrary Github users can’t assume the role.

Written by: Jake

Rate it
Previous post

todayMarch 6, 2021

  • 173
close

industry Jake

Critiquing cloud lockin

I hear a lot of talk about cloud lockin. I hear it from people with self funded startups, authors on tech blogs and developers. The argument I hear most is ...


Similar posts