update/remove docs: READMEs, Usage, and confluence pages #195
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
leslie-corbalt
force-pushed
the
lbk-update-docs
branch
from
81f0fa5 to
189e7bd
Compare
leslie-corbalt
force-pushed
the
lbk-update-docs
branch
from
189e7bd to
fc72ea5
Compare
ben-harvey
reviewed
Jan 3, 2024
| IAM OIDC identity providers are entities in IAM that describe an external identity provider (IdP) service that supports the [OpenID Connect (OIDC) standard](http://openid.net/connect/). The AWS IdP is configured with the URL (`token.actions.githubusercontent.com`) and server certificate thumbprint of the GitHub OIDC provider. A valid default value for the thumbprint is provided, but thumbprint can also be obtained by following [these steps](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc_verify-thumbprint.html). | ||
| An IAM OIDC identity provider is a resource in IAM that describes an external identity provider (IdP) service that supports the [OpenID Connect (OIDC) standard](http://openid.net/connect/). The AWS identity provider resource is configured with the URL (`token.actions.githubusercontent.com`) and server certificate thumbprint of the GitHub OIDC provider. A valid default value for the thumbprint is provided, but thumbprint can also be obtained by following [these steps](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc_verify-thumbprint.html). | ||
|
|
||
| NOTE: AWS secures communication with the GitHub IdP through it's library of trusted root certificate authorities (CAs) instead of using a certificate thumbprint to verify GitHub's IdP server certificate. The thumbprint remains in the AWS identity provider configuration, but is no longer used for validation. source: [AWS docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc_verify-thumbprint.html) |
|
|
||
| - ECS Cluster | ||
| - ECS Service | ||
| - ECS Fargate task definition to spin up an instance of this runner _per job_ in your GitHub Actions workflow | ||
|
|
||
| This module uses an existing ECR repository in AWS, and so does not provision one. | ||
| This module uses the ECR repository running in the MACBIS Shared DSO Dev account, managed in the `terraform/dev/account` directory, and accessible by the MACBIS organization. |
There was a problem hiding this comment.
nit: ECR repositories don't 'run' per se
There was a problem hiding this comment.
Changed "running" to "created"
| @@ -56,15 +56,15 @@ jobs: | |||
|
|
|||
| test-self-hosted: | |||
| name: Testing self-hosted tag | |||
| needs: start-runner | |||
| needs: start-runners | |||
There was a problem hiding this comment.
Can't comment directly, but might as well bump the version of the configure-aws-credentials action to v4 in the example while whe're here
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
https://jiraent.cms.gov/browse/CMCSMACD-1874
update confluences pages are here (a Guide) and here) (Setting up a self-hosted runner)