In this Show ’n Tell, Bas Bremer will tell you all about how you can secure your pipelines in Github and AWS.

When collaborating on IaC projects in GitLab, it’s best practice to use pipelines to keep your resources in sync. That way, all changes to your infrastructure are auditable and traceable. Also, you don’t have to worry about conflicts between you and your co-workers because GitLab handles that for you.

In order to make it possible, it’s necessary to allow GitLab to access the AWS environment. This can be done by creating an AWS account, which comes with credentials, which should be stored in GitLab. This is possible but how are you able to maintain this? And what if you have multiple accounts and need to rotate all the keys? Isn’t there another way? Yes there is!