This assumes you are familiar with GitHub Actions. If not, check out my article Getting Started with GitHub Actions.

There are a few different ways to authenticate to Amazon Web Services in GitHub Actions

• Authenticate to Amazon Web Services (AWS) using OIDC
• Authenticate to Amazon Web Services (AWS) using Access Key and Secret Key (this article)

Let's say you have the following YAML, which will run the GitHub Action when there is a push to the main branch of the foo repository. Notice also that the job contains the following.

• aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
• aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
• aws-region: us-east-1

In this example, your AWS access key ID and secret key would be retrieved from foo repository > settings > Secrets and variables > Actions.

name: AWS authentication demo
run-name: ${{ github.workflow }} run by ${{ github.actor }}
on:
  push:
    branches:
      - main
jobs:
  github-action-job:
    runs-on: ubuntu-latest
    steps:      
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-east-1      
      
      - name: aws sts get-caller-identity
        run: |
          aws sts get-caller-identity     

      - run: echo "job.status -> ${{ job.status }}"