GitHub Actions to AWS without stored credentials: OIDC role federation
Replace long-lived AWS credentials in GitHub secrets with short-lived tokens using OIDC federation. Covers trust policy setup, per-branch and per-environment scoping, multi-environment role design, and...