Github Actions without storing AWS credential

Need help, in my project I am able to execute Terraform script to create AWS resources using IAM role secret credentials after storing them in Github Secret.

But customer’s requirement is to not to store aws credential inside Github actions secret rather using other way.

Can anyone of you please suggest me if it is possible to do without storing Github actions secret?

Dipen Bhadra

Hi @dipen80, welcome the GitHub community!

I don’t think this will be possible. You need to have something that will authenticate you to Amazon and in this case that will be your AWS credentials. I think you’d run into this problem using any CI/CD solution except if you were to host it on your company’s own infrastructure.

Secrets are encrypted and can only be read when used in a workflow so they should remain completely secure.