actions-cfn-diff

This GitHub Actions outputs a Job Summary listing the resources included in the CloudFormation template.

Precondition

use aws-actions/configure-aws-credentials@v4
setup IAM Role for describe Cloudformation stacks
- If you use the CDK lookup role, there is no need to create a new role for actions-cfn-diff. see Assume role example

The IAM policy required by this action is as follows

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "cloudformation:ListStacks",
                "cloudformation:DetectStackDrift",
                "cloudformation:DetectStackResourceDrift",
                "cloudformation:DescribeStackDriftDetectionStatus",
                "cloudformation:GetTemplate",
                "cloudformation:ListStackResources"
            ],
            "Resource": "*"
        }
    ]
}

Basic Usage Example

on:
  pull_request:

name: Build on PullRequest

permissions:
  id-token: write
  contents: read
  pull-requests: write

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v2
        with:
          aws-region: ap-northeast-1
          role-to-assume: arn:aws:iam::0000000:role/deploy_from_github
      - name: Set up AWS CDK
        run: npm install -g aws-cdk
      - name: Make Cloudformation Templates
        run: cdk synth
      - uses: taichi/actions-cfn-diff@v1
        with:
          aws-region: ap-northeast-1

See action.yml for the full documentation for this action's inputs and outputs.

Assume role Example

name: report example

on:
  pull_request:

permissions:
  id-token: write
  contents: read
  pull-requests: write

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v2
        with:
          aws-region: ap-northeast-1
          role-to-assume: arn:aws:iam::000000000000:role/cdk-deploy-from-github
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: "npm"
      - run: npm ci
      - run: npm run build
      - name: Set up AWS CDK
        run: npm install -g aws-cdk
      - name: Make Cloudformation Templates
        run: cdk synth
      - uses: taichi/actions-cfn-diff@v1
        with:
          aws-region: ap-northeast-1
          role-to-assume: arn:aws:iam::000000000000:role/cdk-hnb659fds-lookup-role-000000000000-ap-northeast-1

Name		Name	Last commit message	Last commit date
Latest commit History 563 Commits
.github		.github
.vscode		.vscode
dist		dist
docs		docs
src		src
test		test
.eslintrc.json		.eslintrc.json
.gitattributes		.gitattributes
.gitignore		.gitignore
.prettierignore		.prettierignore
LICENSE		LICENSE
README.md		README.md
action.yml		action.yml
package-lock.json		package-lock.json
package.json		package.json
tsconfig.json		tsconfig.json

License

taichi/actions-cfn-diff

Folders and files

Latest commit

History

Repository files navigation

actions-cfn-diff

Precondition

Basic Usage Example

Assume role Example

Report Examples

Related Tools

About

Topics

Resources

License

Stars

Watchers

Forks

Languages