You're viewing an older version of this GitHub Action. Do you want to see the latest version instead?
GitHub Action
Deploy to AWS S3
v2.0.2
Deploy a static website to AWS S3.
- Create a S3 bucket and enable static website hosting
- Add a bucket policy to allow public read access to the bucket
- Creating an identity provider on AWS
- Assign a role to the identity provider
Add the following permissions to the job or workflow that uses this action.
permissions:
id-token: write
contents: read
See: GitHub Documents: Adding permissions settings
- uses: uskayyyyy/gha-s3-deploy@v2
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
bucket: ${{ secrets.AWS_BUCKET }}}
region: us-west-2
folder: ./dist
S3 Deploy's Action supports inputs from the user listed in the table below:
Input | Required | Default | Description |
---|---|---|---|
role-to-assume | Yes | The ARN of the AWS IAM role to assume for deploying to S3 | |
bucket | Yes | The S3 bucket where your website will be hosted | |
region | No | us-east-1 | The region of the S3 bucket |
folder | No | . | Absolute path of the folder containing the deployable files |
This action provides the following outputs that can be accessed in subsequent steps of your workflow using the steps
context.
Output | Description |
---|---|
website-url |
The URL of your website hosted on S3. |
# .github/workflows/example.yml
name: Example workflow for S3 Deploy
on: push
jobs:
run:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v4
- name: Install dependencies
run: npm ci
- name: Build
run: npm run build
- name: Deploy
id: deploy
uses: uskayyyyy/gha-s3-deploy@v2
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
bucket: ${{ secrets.AWS_BUCKET }}
region: us-west-2 # Optional - Default: us-east-1
folder: ./dist # Optional - Default: . (root)
- name: Output Website URL
run: echo ${{ steps.deploy.outputs.website-url }}
- Navigate to the Identity Providers page in the AWS IAM console
- Add a provider with the following properties:
- Provider type: OpenID Connect
- Provider URL: https://token.actions.githubusercontent.com
- Audience: sts.amazonaws.com
- Navigate to the identity provider details page created in the previous step
- Hit the "Assign role" button
- Create a new role with the following properties:
- Trusted entity type: Web identity
- Identity provider: the identity provider you created in step 3
- Audience: the audience you specified in step 3
- GitHub organization: your GitHub username or organization name
- Add right permissions
- Name the role and create it
- Make sure the GitHub identity provider is added to the role's trusted relationships
For more information, see GitHub's documentation
The code in this project is released under the MIT License.