Use aws credentials from aws-actions/configure-aws-credentials@v1

[nnuguid-locii]

i need to assume a role in order to deploy. aws-actions has a way to this. is there a way for the serverless/githhub-action to use those credentials?

[Pudding124]

The issue still open, so we can use the assume role to build serverless ? such as the configure-aws-credentials:

- name: Configure AWS credentials
  uses: aws-actions/configure-aws-credentials@v1
  with:
     role-session-name: assume_role
     role-to-assume: ${{ secrets.IAM_ROLE }}
     aws-region: us-east-1

[dan-newscorp]

+1

[gm-mmurillo]

+1

[dfelsman-ta]

+1

[nitrocode]

Has anyone able to get this work using the latest https://github.com/aws-actions/configure-aws-credentials ?

I imagine it's the same setup as @Pudding124 mentioned above https://github.com/serverless/github-action/issues/66#issuecomment-1316746468

[ryanlawson]

The configure-aws-credentials action has the following outputs:

• aws-access-key-id
• aws-secret-access-key
• aws-session-token

You can pass them into the Serverless action as environment variables.

For example:

- name: Configure AWS credentials
  uses: aws-actions/configure-aws-credentials@v1
  id: credentials # note `id` needs to be set
  with:
     role-session-name: assume_role
     role-to-assume: ${{ secrets.IAM_ROLE }}
     aws-region: us-east-1

- name: serverless deploy
  uses: serverless/[email protected]
  with:
    args: deploy --use-local-credentials
  env:
    AWS_ACCESS_KEY_ID: ${{ steps.credentials.outputs.aws-access-key-id }}
    AWS_SECRET_ACCESS_KEY: ${{ steps.credentials.outputs.aws-secret-access-key }}