https://github.com/geekcell/terraform-aws-iam-github-oidc-provider

Terraform module to provision an AWS IAM GitHub OIDC Provider.
https://github.com/geekcell/terraform-aws-iam-github-oidc-provider

aws github iam oauth oidc terraform terraform-module

Last synced: over 1 year ago
JSON representation

Terraform module to provision an AWS IAM GitHub OIDC Provider.

• Host: GitHub
• URL: https://github.com/geekcell/terraform-aws-iam-github-oidc-provider
• Owner: geekcell
• License: apache-2.0
• Created: 2023-01-12T09:46:31.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2023-06-28T11:31:51.000Z (almost 3 years ago)
• Last Synced: 2025-03-01T18:48:52.282Z (over 1 year ago)
• Topics: aws, github, iam, oauth, oidc, terraform, terraform-module
• Language: HCL
• Homepage: https://www.geekcell.io
• Size: 61.5 KB
• Stars: 0
• Watchers: 3
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          

[![Geek Cell GmbH](https://raw.githubusercontent.com/geekcell/.github/main/geekcell-github-banner.png)](https://www.geekcell.io/)

### Code Quality

[![License](https://img.shields.io/github/license/geekcell/terraform-aws-iam-github-oidc-provider)](https://github.com/geekcell/terraform-aws-iam-github-oidc-provider/blob/master/LICENSE)

[![GitHub release (latest tag)](https://img.shields.io/github/v/release/geekcell/terraform-aws-iam-github-oidc-provider?logo=github&sort=semver)](https://github.com/geekcell/terraform-aws-iam-github-oidc-provider/releases)

[![Release](https://github.com/geekcell/terraform-aws-iam-github-oidc-provider/actions/workflows/release.yaml/badge.svg)](https://github.com/geekcell/terraform-aws-iam-github-oidc-provider/actions/workflows/release.yaml)

[![Validate](https://github.com/geekcell/terraform-aws-iam-github-oidc-provider/actions/workflows/validate.yaml/badge.svg)](https://github.com/geekcell/terraform-aws-iam-github-oidc-provider/actions/workflows/validate.yaml)

[![Lint](https://github.com/geekcell/terraform-aws-iam-github-oidc-provider/actions/workflows/linter.yaml/badge.svg)](https://github.com/geekcell/terraform-aws-iam-github-oidc-provider/actions/workflows/linter.yaml)

### Security

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/general)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=INFRASTRUCTURE+SECURITY)

#### Cloud

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/cis_aws)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=CIS+AWS+V1.2)

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/cis_aws_13)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=CIS+AWS+V1.3)

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/cis_azure)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=CIS+AZURE+V1.1)

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/cis_azure_13)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=CIS+AZURE+V1.3)

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/cis_gcp)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=CIS+GCP+V1.1)

##### Container

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/cis_kubernetes_16)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=CIS+KUBERNETES+V1.6)

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/cis_eks_11)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=CIS+EKS+V1.1)

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/cis_gke_11)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=CIS+GKE+V1.1)

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/cis_kubernetes)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=CIS+KUBERNETES+V1.5)

#### Data protection

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/soc2)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=SOC2)

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/pci)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=PCI-DSS+V3.2)

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/pci_dss_v321)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=PCI-DSS+V3.2.1)

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/iso)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=ISO27001)

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/nist)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=NIST-800-53)

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/hipaa)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=HIPAA)

[![Infrastructure Tests](https://www.bridgecrew.cloud/badges/github/geekcell/terraform-aws-iam-github-oidc-provider/fedramp_moderate)](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=geekcell%2Fterraform-aws-iam-github-oidc-provider&benchmark=FEDRAMP+%28MODERATE%29)

# Terraform AWS IAM GitHub OIDC Provider

Introducing the AWS IAM OpenID Provider Terraform Module, a simple solution for creating and managing your IAM

OpenID Connect (OIDC) providers within Amazon Web Services (AWS). This module has been designed with simplicity in

mind, providing you with an easy way to create and manage your IAM OIDC providers.

Our team of experts has years of experience working with AWS IAM and has a deep understanding of the best practices

and configurations. By using this Terraform module, you can be sure that your IAM OIDC providers are created and

managed in a secure and efficient manner.

This module offers a preconfigured solution for creating an IAM OIDC provider with the correct settings for GitHub,

allowing for role assumption via web tokens. This simplifies the process of securely integrating your AWS resources

with GitHub, saving you time and effort in the process.

So, if you're looking for a convenient and reliable solution for creating and managing your IAM OIDC providers

within AWS, look no further than the AWS IAM OpenID Provider Terraform Module. Give it a try and see how easy it is

to integrate your AWS resources with GitHub!

https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services

## Inputs

| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [client\_ids](#input\_client\_ids) | The client IDs of the GitHub apps. | `list(string)` | 
[
  "sts.amazonaws.com"
]
 | no |

|  [provider\_url](#input\_provider\_url) | The URL of the GitHub provider. | `string` | `"https://token.actions.githubusercontent.com"` | no |

|  [tags](#input\_tags) | Tags to add to the AWS Customer Managed Key. | `map(any)` | `{}` | no |

|  [thumbprints](#input\_thumbprints) | The thumbprints of the GitHub provider. | `list(string)` | 
[
  "6938fd4d98bab03faadb97b34396831e3780aea1",
  "1c58a3a8518e8759bf075b76b750d4f2df264fcd"
]
 | no |


## Outputs

| Name | Description |

|------|-------------|

|  [provider\_arn](#output\_provider\_arn) | The ARN of the OIDC provider. |

## Providers

| Name | Version |

|------|---------|

|  [aws](#provider\_aws) | >= 4.36 |

## Resources

- resource.aws_iam_openid_connect_provider.main (main.tf#22)

# Examples

### Minimal

```hcl

module "example" {

  source = "../../"

}

```