In this case study we will cover:

How to configure the AWS Console to use GitHub credentials for your organization.
How to map AWS IAM roles to GitHub teams, i.e. how to implement role-based access control (RBAC).
How to map SSH credentials of your AWS instances to GitHub teams.
Effectively, this makes GitHub a “single source of truth” for who has access to the AWS infrastructure used in your organization. Under this scheme, an engineer only has to log in to GitHub once, and after that:

They automatically get access to AWS, but only to resources their GitHub team allows.
They automatically get auto-expiring SSH credentials to AWS instances, but only to instances with tags that their GitHub team specifies and only as a specific OS login (for example, as ops but not root).
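
A minimal model of the access rule described above, added here as an illustration and not taken from the case study or from any tool's configuration format. The team names, tag values, TTLs and function names are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Hypothetical policy: GitHub team -> allowed OS logins, required instance tags, TTL.
# All names and values below are constructed for illustration.
TEAM_POLICY = {
    "ops": {"logins": {"ops"}, "tags": {"env": "prod"}, "ttl": timedelta(hours=8)},
    "dev": {"logins": {"dev"}, "tags": {"env": "staging"}, "ttl": timedelta(hours=12)},
}

@dataclass(frozen=True)
class Credential:
    user: str
    teams: frozenset
    expires_at: datetime

def issue_credential(user, github_teams, now):
    """Issue a short-lived credential after GitHub login; unmapped teams grant nothing."""
    known = frozenset(t for t in github_teams if t in TEAM_POLICY)
    if not known:
        raise PermissionError(f"{user}: no GitHub team maps to an access policy")
    # Shortest TTL wins, so the credential never outlives any applicable policy.
    ttl = min(TEAM_POLICY[t]["ttl"] for t in known)
    return Credential(user, known, now + ttl)

def may_ssh(cred, os_login, instance_tags, now):
    """Allow SSH only if unexpired and one team permits both the login and the tags."""
    if now >= cred.expires_at:
        return False
    for team in cred.teams:
        policy = TEAM_POLICY[team]
        tags_match = all(instance_tags.get(k) == v for k, v in policy["tags"].items())
        if os_login in policy["logins"] and tags_match:
            return True
    return False  # default deny

if __name__ == "__main__":
    t0 = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)  # constructed timestamp
    cred = issue_credential("alice", ["ops", "design"], t0)
    prod = {"env": "prod", "role": "web"}  # constructed instance tags
    for login, when in [("ops", 1), ("root", 1), ("ops", 9)]:
        print(login, when, may_ssh(cred, login, prod, t0 + timedelta(hours=when)))
```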


SSH into your AWS infrastructure using GitHub for RBAC