miti99bot/aws/iam-github-oidc-trust.json

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Federated": "arn:aws:iam::REPLACE_WITH_AWS_ACCOUNT_ID:oidc-provider/token.actions.githubusercontent.com"
      },
      "Action": "sts:AssumeRoleWithWebIdentity",
      "Condition": {
        "StringEquals": {
          "token.actions.githubusercontent.com:aud": "sts.amazonaws.com"
        },
        "StringLike": {
          "token.actions.githubusercontent.com:sub": [
            "repo:tiennm99/miti99bot-go:ref:refs/heads/main",
            "repo:tiennm99/miti99bot-go:ref:refs/heads/dev",
            "repo:tiennm99/miti99bot-go:pull_request"
          ]
        }
      }
    }
  ]
}