Overview
The Reference section provides detailed technical documentation for tools, scripts, and modules included in the AWS Terraform Starter Kit.
Topics
- Makefile — command reference for automation and deployment tasks
- OIDC Provider — complete reference for the GitHub Actions OIDC provider module
- Checkov — security and compliance scanning for Terraform configurations
- TFLint — linting and best practices validation for Terraform code
OIDC Provider Module
The starter kit includes a reusable OIDC provider module (modules/oidc-provider/) that creates:
- GitHub Actions OIDC provider — enables keyless authentication from GitHub workflows
- IAM service role — with configurable managed and inline policies
- Trust policy — repository-scoped access control
Key features:
- Automatic detection and reuse of existing OIDC providers
- Support for multiple environments in single or multi-account setups
- Flexible policy attachment (managed and inline policies)
- Validation for inputs (repository format, role name, session duration)
Usage:
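    module "oidc_provider" {
      source = "../../modules/oidc-provider"

      # Repository allowed to assume the role, in owner/repo form
      github_repo = "towardsthecloud/my-repo"

      # Reuse the OIDC provider already present in the account
      use_existing_oidc_provider = true

      role_name = "GitHubActionsServiceRole-Terraform-staging"

      # AdministratorAccess grants full access to the account; attach
      # narrower managed or inline policies where the workflow allows it
      managed_policy_arns = [
        "arn:aws:iam::aws:policy/AdministratorAccess"
      ]
    }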
For complete documentation including all variables, outputs, and implementation details, see the OIDC Provider reference.
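The repository-scoped trust policy listed above can be checked after deployment. The following is an added example, not code from the starter kit: `audit_trust_policy` is a hypothetical helper, and the sample policy (including the placeholder account ID) is constructed here in the shape commonly used for GitHub Actions OIDC roles rather than taken from the module's output.

```python
import json

GITHUB_OIDC_HOST = "token.actions.githubusercontent.com"

# Constructed sample trust policy; the account ID is a placeholder.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [{
  "Effect": "Allow",
  "Principal": {"Federated":
    "arn:aws:iam::123456789012:oidc-provider/token.actions.githubusercontent.com"},
  "Action": "sts:AssumeRoleWithWebIdentity",
  "Condition": {
    "StringEquals": {"token.actions.githubusercontent.com:aud": "sts.amazonaws.com"},
    "StringLike": {"token.actions.githubusercontent.com:sub":
                   "repo:towardsthecloud/my-repo:*"}}}]}
""")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def audit_trust_policy(policy, github_repo):
    """Return findings; an empty list means trust is scoped to github_repo."""
    findings, seen = [], False
    for stmt in _as_list(policy.get("Statement", [])):
        principal = stmt.get("Principal")
        federated = _as_list(principal.get("Federated", [])) if isinstance(principal, dict) else []
        if stmt.get("Effect") != "Allow" or not any(
                str(f).endswith("oidc-provider/" + GITHUB_OIDC_HOST) for f in federated):
            continue  # statement does not trust the GitHub OIDC provider
        seen, subs, auds = True, [], []
        for operator, keys in stmt.get("Condition", {}).items():
            for key, value in keys.items():  # IAM condition keys are case-insensitive
                if key.lower() == GITHUB_OIDC_HOST + ":sub" and operator in ("StringEquals", "StringLike"):
                    subs += _as_list(value)
                if key.lower() == GITHUB_OIDC_HOST + ":aud" and operator == "StringEquals":
                    auds += _as_list(value)
        if auds != ["sts.amazonaws.com"]:
            findings.append("aud is not pinned to sts.amazonaws.com")
        if not subs:
            findings.append("no sub condition: role is not scoped to a repository")
        # The trailing colon rejects owner-wide patterns and sibling repos sharing a prefix.
        findings += [f"sub not scoped to {github_repo}: {s}" for s in subs
                     if not s.startswith(f"repo:{github_repo}:")]
    if not seen:
        findings.append("no statement trusts the GitHub Actions OIDC provider")
    return findings
```

To audit a deployed role, pass the `AssumeRolePolicyDocument` returned by `aws iam get-role` as `policy`.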