Thanks for sharing. I did add "--exclude ".*" --size-only" to the s3 sync command however, as otherwise it syncs all the files all the time (due to the timestamps always being new with the actions/checkout action. I know, there's a small risk it will now not sync a file if the size would be exactly the same, but I deem that chance to be small in my scenario). I also excluded the directories or files starting with a dot (otherwise the .github folder got synced). I prefer this solution in comparison to the one with AWS CodePipeline, as this solution would also delete the files in your bucket if they got deleted in your Github repo.
I also created a user specific for this action and assigned it a custom policy with these rights:
Thanks for sharing. I did add "--exclude ".*" --size-only" to the s3 sync command however, as otherwise it syncs all the files all the time (due to the timestamps always being new with the actions/checkout action. I know, there's a small risk it will now not sync a file if the size would be exactly the same, but I deem that chance to be small in my scenario). I also excluded the directories or files starting with a dot (otherwise the .github folder got synced). I prefer this solution in comparison to the one with AWS CodePipeline, as this solution would also delete the files in your bucket if they got deleted in your Github repo.
I also created a user specific for this action and assigned it a custom policy with these rights:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "EnableListingFilesInBucket",
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": "arn:aws:s3:::"
},
{
"Sid": "EnablingChangingFiles",
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::/*"
}
]
}