provision-github-azure-federated-identity
CommunityProvision GitHub OIDC-enabled Azure identities
AuthorPlagueHO
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill provisions a single Azure User Assigned Managed Identity (UAMI) with OpenID Connect federation and RBAC bindings to GitHub, enabling passwordless authentication for GitHub Actions or Copilot without long-lived credentials.
Core Features & Use Cases
- Create or verify a GitHub integration resource group and a User Assigned Managed Identity (UAMI) for GitHub OIDC.
- Configure a Federated Identity Credential binding the UAMI to the GitHub repository and environment.
- Assign idempotent RBAC roles at subscription scope (default: Contributor + User Access Administrator) with a least-privilege condition, plus options to customize roles and remove unlisted ones.
- Supports both GitHub Actions environments and the Copilot coding agent; outputs credentials for GitHub secrets.
Quick Start
Run the PowerShell script with the required parameters to provision a GitHub identity for your repository.
Dependency Matrix
Required Modules
Az.AccountsAz.ResourcesAz.ManagedServiceIdentity
Components
scripts
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: provision-github-azure-federated-identity Download link: https://github.com/PlagueHO/plagueho.skills/archive/main.zip#provision-github-azure-federated-identity Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.