#OIDC
3 posts
-
Understanding AWS Credential Federation — How IAM, STS, and OIDC Actually Fit Together
A foundational guide for engineers who followed a GitHub Actions OIDC tutorial but still aren't sure what STS really is, why it has no console page, what 'federation' actually means, or why the trust policy's sub condition matters so much. Covers IAM/STS/OIDC mechanics in depth, plus SAML, IAM Identity Center, and EKS IRSA as variants of the same pattern.
-
AWS Private EC2 Operations Guide Part 4: Deploying to Private EC2 from GitHub Actions — OIDC, SSM Run Command, CodeDeploy
Build a deployment pipeline that puts no port 22 and no AWS access key on the path. OIDC federation removes static credentials, S3 acts as the artifact hub, and either SSM Run Command (simple) or CodeDeploy (zero-downtime) lands the code on the instance.
-
Spring Boot SSO Integration Guide: OAuth2/OIDC and SAML in Practice
A practical guide to SSO integration with IdPs like Keycloak, Okta, and Azure AD using Spring Security