Deploy to AWS S3
ActionsTags
(1)Deploy a static website to AWS S3.
- Create a S3 bucket and enable static website hosting
- Add a bucket policy to allow public read access to the bucket
- Creating an identity provider on AWS
- Assign a role to the identity provider
Add the following permissions to the job or workflow that uses this action.
permissions:
id-token: write
contents: readSee: GitHub Documents: Adding permissions settings
- uses: uskayyyyy/gha-s3-deploy@v2
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
bucket: ${{ secrets.AWS_BUCKET }}}
region: us-west-2
folder: ./distS3 Deploy's Action supports inputs from the user listed in the table below:
| Input | Required | Default | Description |
|---|---|---|---|
| role-to-assume | Yes | The ARN of the AWS IAM role to assume for deploying to S3 | |
| bucket | Yes | The S3 bucket where your website will be hosted | |
| region | No | us-east-1 | The region of the S3 bucket |
| folder | No | . | Absolute path of the folder containing the deployable files |
This action provides the following outputs that can be accessed in subsequent steps of your workflow using the steps context.
| Output | Description |
|---|---|
website-url |
The URL of your website hosted on S3. |
# .github/workflows/example.yml
name: Example workflow for S3 Deploy
on: push
jobs:
run:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v4
- name: Install dependencies
run: npm ci
- name: Build
run: npm run build
- name: Deploy
id: deploy
uses: uskayyyyy/gha-s3-deploy@v2
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
bucket: ${{ secrets.AWS_BUCKET }}
region: us-west-2 # Optional - Default: us-east-1
folder: ./dist # Optional - Default: . (root)
- name: Output Website URL
run: echo ${{ steps.deploy.outputs.website-url }}- Navigate to the Identity Providers page in the AWS IAM console
- Add a provider with the following properties:
- Provider type: OpenID Connect
- Provider URL: https://token.actions.githubusercontent.com
- Audience: sts.amazonaws.com
- Navigate to the identity provider details page created in the previous step
- Hit the "Assign role" button
- Create a new role with the following properties:
- Trusted entity type: Web identity
- Identity provider: the identity provider you created in step 3
- Audience: the audience you specified in step 3
- GitHub organization: your GitHub username or organization name
- Add right permissions
- Name the role and create it
- Make sure the GitHub identity provider is added to the role's trusted relationships
For more information, see GitHub's documentation
- AWS Configure Credentials Action is used to configure AWS credentials with the provided IAM role.
The code in this project is released under the MIT License.
Deploy to AWS S3 is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.
Tags
(1)Deploy to AWS S3 is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.