GitHub
Sym provides both a first-party Access Strategy for moving users in and out of GitHub repos, and an SDK convenience method to check repo collaborators for approval routing.
Connect Sym with your AWS Secrets Manager
Follow the Manage Secrets with AWS Secrets Manager tutorial to connect your AWS Secrets Manager with the Sym Runtime.
Create a GitHub Access Token
In order to grant Sym access to GitHub, you'll need to create a new access token. To do so, go to your Github settings page then navigate to Settings -> Developer settings -> Personal access tokens then "Generate a new token".
The following permission scopes are required for Sym to invite and remove access to your organization's Github repositories:
- read:org
- repo
- user:email

Share your GitHub Access Token with Sym
Follow the Share Secrets with the Sym Runtime tutorial to share your credentials. We recommend using the plain style secret.
# Note: This example snippet shows only the GitHub specific resources.
# aws secretsmanager put-secret-value --secret-id "main/github-access-token" --secret-string "YOUR-GITHUB-ACCESS-TOKEN"
resource "aws_secretsmanager_secret" "github_access_token" {
name = "main/github-access-token"
description = "API Key for Sym to call GitHub APIs"
tags = {
# This SymEnv tag is required and MUST match the SymEnv tag in the
# aws_iam_policy.secrets_manager_access in your `secrets.tf` file
SymEnv = local.environment_name
}
}
resource "sym_secret" "github_access_token" {
# `sym_secrets` is defined in "Manage Secrets with AWS Secrets Manager"
source_id = sym_secrets.this.id
path = aws_secretsmanager_secret.github_access_token.name
}
Add a GitHub Integration
Define a sym_integration
resource with type = github
. This integration will specify the GitHub access token, and is necessary for the GitHub SDK methods and Access Strategy.
external_id
: Your GitHub Organizationapi_token_secret
: A required setting which must be set to the ID of asym_secret
referencing your GitHub access token
resource "sym_integration" "github" {
type = "github"
name = "main-github-integration"
# Your GitHub Organization name
external_id = "sym-test"
settings = {
# This secret was defined in the previous step
api_token_secret = sym_secret.github_access_token.id
}
}
Next Steps
With your GitHub credentials and Integration configured, you can now:
- Use the GitHub SDK Integration
- Configure a GitHub Access Strategy
Updated 6 months ago