#GitHub Actions
3 posts
-
Understanding AWS Credential Federation — How IAM, STS, and OIDC Actually Fit Together
A foundational guide for engineers who followed a GitHub Actions OIDC tutorial but still aren't sure what STS really is, why it has no console page, what 'federation' actually means, or why the trust policy's sub condition matters so much. Covers IAM/STS/OIDC mechanics in depth, plus SAML, IAM Identity Center, and EKS IRSA as variants of the same pattern.
-
AWS Private EC2 Operations Guide Part 4: Deploying to Private EC2 from GitHub Actions — OIDC, SSM Run Command, CodeDeploy
Build a deployment pipeline that puts no port 22 and no AWS access key on the path. OIDC federation removes static credentials, S3 acts as the artifact hub, and either SSM Run Command (simple) or CodeDeploy (zero-downtime) lands the code on the instance.
-
Spring Boot Pre-Interview Guide Part 6: DevOps & Deployment — Spring Boot 4 · Kotlin 2.3 · Docker · GitHub Actions
On Spring Boot 4 with Kotlin 2.3, this part covers what reviewers actually look at in the deployment layer: a Java 21 multi-stage Dockerfile, docker-compose with healthcheck + depends_on for real readiness, GitHub Actions with Gradle cache and JaCoCo coverage, profile-separated application.yml, and Actuator exposing health and prometheus — written without Lombok, using Kotlin primary constructors and val/var.