name: 'Configure AWS Credentials For GitHub Actions'
description: 'Configure AWS credential and region environment variables for use with the AWS CLI and AWS SDKs'
branding:
  icon: 'cloud'
  color: 'orange'
inputs:
  audience:
    default: 'sts.amazonaws.com'
    description: 'The audience to use for the OIDC provider'
    required: false
  aws-access-key-id:
    description: >-
      AWS Access Key ID. This input is required if running in the GitHub hosted environment.
      It is optional if running in a self-hosted environment that already has AWS credentials,
      for example on an EC2 instance.
    required: false
  aws-secret-access-key:
    description: >-
      AWS Secret Access Key. This input is required if running in the GitHub hosted environment.
      It is optional if running in a self-hosted environment that already has AWS credentials,
      for example on an EC2 instance.
    required: false
  aws-session-token:
    description: 'AWS Session Token'
    required: false
  aws-region:
    description: 'AWS Region, e.g. us-east-2'
    required: true
  mask-aws-account-id:
    description: >-
      Whether to set the AWS account ID for these credentials as a secret value,
      so that it is masked in logs. Valid values are 'true' and 'false'.
      Defaults to true
    required: false
  role-to-assume:
    description: >-
      Use the provided credentials to assume an IAM role and configure the Actions
      environment with the assumed role credentials rather than with the provided
      credentials
    required: false
  web-identity-token-file:
    description: >-
      Use the web identity token file from the provided file system path in order to
      assume an IAM role using a web identity. E.g., from within an Amazon EKS worker node
    required: false
  role-duration-seconds:
    description: "Role duration in seconds (default: 6 hours, 1 hour for OIDC/specified aws-session-token)"
    required: false
  role-session-name:
    description: 'Role session name (default: GitHubActions)'
    required: false
  role-external-id:
    description: 'The external ID of the role to assume'
    required: false
  role-skip-session-tagging:
    description: 'Skip session tagging during role assumption'
    required: false
  http-proxy:
    description: 'Proxy to use for the AWS SDK agent'
    required: false
  role-chaining:
    description: 'Use existing credentials from the environment to assume a new role'
    required: false
  inline-session-policy:
    description: 'Inline session policy'
    required: false
  managed-session-policies:
    description: 'List of managed session policies'
    required: false
outputs:
  aws-account-id:
    description: 'The AWS account ID for the provided credentials'
runs:
  using: 'node16'
  main: 'dist/index.js'
  post: 'dist/cleanup/index.js'