In this blog post, the author shares their experience implementing OpenID Connect (OIDC) while working on an IaC automation tool called Digger. Initially, they used a GitHub Action to handle OIDC, but later had to implement it directly in Digger, which required a deeper understanding of OIDC. The author explains that OIDC simplifies authentication in AWS by allowing the use of temporary keys instead of long-lived keys. They then outline the steps to use OIDC with AWS and GitHub Actions, highlighting the use of a web identity token and JWT verification. The author provides a simplified explanation of OIDC and emphasizes its applicability to other cloud providers and CI systems.
https://blog.digger.dev/how-open-id-connect-works-illustrated/