From 4a2500596efbf0cc90e23389a07414c38b9d31ac Mon Sep 17 00:00:00 2001 From: Mufaddal5253110 Date: Tue, 4 Jun 2024 12:16:42 +0530 Subject: [PATCH 1/5] github oidc connect resource added --- main.tf | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/main.tf b/main.tf index d8812b0..ac52e10 100644 --- a/main.tf +++ b/main.tf @@ -1,3 +1,12 @@ +resource "aws_iam_openid_connect_provider" "github_oidc_connect" { + url = "https://token.actions.githubusercontent.com" + + client_id_list = [ + "sts.amazonaws.com", + ] + + thumbprint_list = ["ffffffffffffffffffffffffffffffffffffffff"] +} resource "aws_iam_role" "github_actions_role" { name = var.role_name assume_role_policy = data.aws_iam_policy_document.assume_role_policy.json From 68c37593af23ecc8c3a6336f78f12d5ad6341b5d Mon Sep 17 00:00:00 2001 From: Mufaddal5253110 Date: Tue, 4 Jun 2024 12:23:30 +0530 Subject: [PATCH 2/5] dummy commit --- main.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/main.tf b/main.tf index ac52e10..3905b64 100644 --- a/main.tf +++ b/main.tf @@ -4,7 +4,6 @@ resource "aws_iam_openid_connect_provider" "github_oidc_connect" { client_id_list = [ "sts.amazonaws.com", ] - thumbprint_list = ["ffffffffffffffffffffffffffffffffffffffff"] } resource "aws_iam_role" "github_actions_role" { From 076cfcd56bb7758dcf2f33098badcac7810ac832 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 4 Jun 2024 07:33:05 +0000 Subject: [PATCH 3/5] terraform-docs: automated action --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 41cbbd0..8d08ebf 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,7 @@ No modules. | Name | Type | |------|------| +| [aws_iam_openid_connect_provider.github_oidc_connect](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_openid_connect_provider) | resource | | [aws_iam_role.github_actions_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | | [aws_iam_role_policy_attachment.attach_admin_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | | [aws_iam_policy_document.assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | From cdb4227c47289baa7a14217a25cf01783176a03b Mon Sep 17 00:00:00 2001 From: Mufaddal5253110 Date: Tue, 4 Jun 2024 15:05:06 +0530 Subject: [PATCH 4/5] thumb print updated --- examples/simple-setup/.terraform.lock.hcl | 25 +++++++++++++++++++++++ main.tf | 2 +- 2 files changed, 26 insertions(+), 1 deletion(-) create mode 100644 examples/simple-setup/.terraform.lock.hcl diff --git a/examples/simple-setup/.terraform.lock.hcl b/examples/simple-setup/.terraform.lock.hcl new file mode 100644 index 0000000..b9fad7c --- /dev/null +++ b/examples/simple-setup/.terraform.lock.hcl @@ -0,0 +1,25 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.51.1" + constraints = "~> 5.51.0" + hashes = [ + "h1:KY/uPHIa+bHgMOAqoA2BnjIlIDuFRFwbLjLkf1gbeDk=", + "zh:03d524b70ab300d90dc4dccad0c28b18d797b8986722b7a93e40a41500450eaa", + "zh:04dbcb7ab52181a784877c409f6c882df34bda686d8c884d511ebd4abf493f0c", + "zh:2b068f7838e0f3677829258df05d8b9d73fe6434a1a809f8710956cc1c01ea03", + "zh:41a4b1e4adbf7c90015ebff17a719fc08133b8a2c4dcefd2fa281552126e59a8", + "zh:48b1adf57f695a72c88c598f99912171ef7067638fd63fb0c6ad3fa397b3f7c3", + "zh:5c2fb26ecb83adac90d06dcf5f97edbc944824c2821816b1653e1a2b9d37b3c4", + "zh:93df05f53702df829d9b9335e559ad8b313808dbd2fad8b2ff14f176732e693d", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:b5da39898602e44551b56e2803a42d92ea7115e35b1792efbf6649da37ef597b", + "zh:b7ab7f743f864ed8d479a7cb04fd3ce00c376f867ee5b53c4c1acaef6e286c54", + "zh:e7e7b2d8ee486415481a25ac7bdded20bd2897d5dd0790741798f31935b9528d", + "zh:e8008e3f5ef560fd9004d1ed1738f0f53e99b0ce961d967e95fc7c02e5954e4e", + "zh:f1296f648b8608ffa930b52519b00ed01eebedde9fdaf94205b365536e6c3916", + "zh:f8539960fd978a54990740ee984c6f7f743c9c32c7734e2601e92abfe54367e9", + "zh:fd182e6e20bb52982752a5d8c4b16887565f413a9d50d9d394d2c06eea8a195e", + ] +} diff --git a/main.tf b/main.tf index 3905b64..7d46df5 100644 --- a/main.tf +++ b/main.tf @@ -4,7 +4,7 @@ resource "aws_iam_openid_connect_provider" "github_oidc_connect" { client_id_list = [ "sts.amazonaws.com", ] - thumbprint_list = ["ffffffffffffffffffffffffffffffffffffffff"] + thumbprint_list = ["6938fd4d98bab03faadb97b34396831e3780aea1"] } resource "aws_iam_role" "github_actions_role" { name = var.role_name From 841fdb5ed809dd922f4ad5103831b5361de2c829 Mon Sep 17 00:00:00 2001 From: Mufaddal5253110 Date: Tue, 4 Jun 2024 15:08:08 +0530 Subject: [PATCH 5/5] updating thumb print --- main.tf | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 7d46df5..c7d27fe 100644 --- a/main.tf +++ b/main.tf @@ -4,7 +4,9 @@ resource "aws_iam_openid_connect_provider" "github_oidc_connect" { client_id_list = [ "sts.amazonaws.com", ] - thumbprint_list = ["6938fd4d98bab03faadb97b34396831e3780aea1"] + thumbprint_list = [ + "6938fd4d98bab03faadb97b34396831e3780aea1" + ] } resource "aws_iam_role" "github_actions_role" { name = var.role_name