Secure continuous Integration with Dockerfile, Github Actions and AWS ECR

Overview
Managing containerized applications efficiently is crucial for modern DevOps workflows. One of the best ways to automate Docker image deployment is by integrating GitHub Actions with AWS Elastic Container Registry (ECR).
In the previous post, we created a GitHub Actions pipeline and pushed the image to the GitHub Container Registry (https://ghcr.io).
Instead of storing IAM access keys as repository secrets, we will authenticate GitHub Actions to AWS with OIDC. The workflow exchanges a short-lived identity token issued by GitHub for temporary AWS credentials via sts:AssumeRoleWithWebIdentity, so there is no long-lived credential to leak or rotate.
Why Use AWS OIDC Authentication?
✅ No hardcoded secrets – Eliminates long-lived IAM access keys
✅ Enhanced security – Uses short-lived tokens for GitHub Actions
✅ Less maintenance – No need to rotate IAM credentials manually
Step 1: Create Github Repo
Create a GitHub repo (or use an existing one) and note its org/repo name; the trust policy of the IAM role in the next step must reference it.
Step 2: Create an AWS IAM Role for GitHub OIDC
AWS provides OIDC (OpenID Connect) integration with GitHub to authenticate your GitHub Actions workflows securely.
2.1 Create an OIDC Identity Provider in AWS
- Search for IAM in the AWS search bar
- Select Identity providers from the left sidebar
- Click Add provider
- Select provider type OpenID Connect
- Provider URL: https://token.actions.githubusercontent.com
- Audience: sts.amazonaws.com
It should look like the screenshot below.
Now, click Add provider at the bottom.
An AWS account holds a single provider for this URL, shared by every role that trusts GitHub, so the restriction to a specific repository belongs in each role's trust policy (next step), not in the provider.
2.2 Create an IAM Role for GitHub Actions
Now, create an IAM role whose trust policy lets the GitHub OIDC provider assume it.
- Search for IAM again and select Roles from the sidebar.
- Click Create role, choose Web identity, and pick the provider created above with audience sts.amazonaws.com.
- Restrict the trust policy's token.actions.githubusercontent.com:sub condition to your repository (and ideally a branch or environment). Without this condition any repository on github.com could assume the role.
- Add a permissions policy to the role, limited to the ECR actions the pipeline needs on the target repository.
- Provide a name for the IAM role and click Create role at the bottom.
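The same setup as a script, using the AWS CLI instead of the console. This is an added example, not code from the original post; the account id, repository names, branch, region and role name are placeholder assumptions to replace with your own. The trust policy pins both the token audience and the subject to one repo and branch, and the permissions policy grants only the ECR actions needed to push to one repository.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): CLI equivalent of steps 2.1 and 2.2.
# All values below are assumptions; edit them for your account.
set -eu

AWS_ACCOUNT_ID="123456789012"        # assumed 12-digit account id
GITHUB_REPO="my-org/my-repo"         # assumed org/repo allowed to assume the role
GITHUB_REF="refs/heads/main"         # assumed branch allowed to push images
AWS_REGION="us-east-1"               # assumed region of the ECR repository
ECR_REPO="my-app"                    # assumed ECR repository name
ROLE_NAME="github-actions-ecr-push"  # assumed IAM role name
OIDC_PROVIDER="token.actions.githubusercontent.com"

# Trust policy: only the GitHub OIDC provider, only when the token audience is
# sts.amazonaws.com AND the subject is exactly this repo + branch. Without the
# "sub" condition every repository on github.com could assume the role.
trust_policy() {
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Federated": "arn:aws:iam::${AWS_ACCOUNT_ID}:oidc-provider/${OIDC_PROVIDER}"},
    "Action": "sts:AssumeRoleWithWebIdentity",
    "Condition": {
      "StringEquals": {
        "${OIDC_PROVIDER}:aud": "sts.amazonaws.com",
        "${OIDC_PROVIDER}:sub": "repo:${GITHUB_REPO}:ref:${GITHUB_REF}"
      }
    }
  }]
}
EOF
}

# Permissions policy: the minimum to log in to ECR and push layers to one
# repository. ecr:GetAuthorizationToken cannot be resource-scoped; the rest is.
ecr_push_policy() {
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": "ecr:GetAuthorizationToken", "Resource": "*"},
    {"Effect": "Allow",
     "Action": ["ecr:BatchCheckLayerAvailability", "ecr:InitiateLayerUpload",
                "ecr:UploadLayerPart", "ecr:CompleteLayerUpload", "ecr:PutImage",
                "ecr:BatchGetImage", "ecr:GetDownloadUrlForLayer"],
     "Resource": "arn:aws:ecr:${AWS_REGION}:${AWS_ACCOUNT_ID}:repository/${ECR_REPO}"}
  ]
}
EOF
}

# Guard rail: refuse a trust policy whose "sub" condition contains a wildcard,
# which would widen the set of repositories able to assume the role.
trust_policy_is_scoped() {
  printf '%s' "$1" | grep -q "\"${OIDC_PROVIDER}:sub\": \"repo:[^*]*\""
}

# Run with the argument "apply" to create the provider, role and policy.
# Older CLI versions may still require --thumbprint-list on the first command.
if [ "${1:-}" = "apply" ]; then
  trust_policy_is_scoped "$(trust_policy)" || { echo "trust policy not scoped to one repo" >&2; exit 1; }
  aws iam create-open-id-connect-provider \
    --url "https://${OIDC_PROVIDER}" \
    --client-id-list sts.amazonaws.com
  aws iam create-role --role-name "$ROLE_NAME" \
    --assume-role-policy-document "$(trust_policy)"
  aws iam put-role-policy --role-name "$ROLE_NAME" \
    --policy-name ecr-push --policy-document "$(ecr_push_policy)"
fi
```

Running the script without arguments only defines the functions, which is useful for reviewing the generated JSON (for example `trust_policy` printed to the terminal) before applying it. In the workflow that later assumes this role, the job needs `permissions: id-token: write` and passes the role ARN as `role-to-assume` to aws-actions/configure-aws-credentials; the `sub` value GitHub puts in the token must match the trust policy exactly, so a push from another branch is refused by STS.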