AWS Resources

It is common for runners to need to access resources in your AWS account such as S3 buckets, RDS databases or EC2 instances.

Both GitHub-hosted runners and Sprinters let use you GitHub Actions secrets or OpenID Connect to access the resources in your AWS account.

However, Sprinters also lets you use IAM instance profiles as a simpler highly-secure alternative.

Using GitHub-hosted runners

Using GitHub-hosted runners, requires making your AWS resources internet-accessible for your runner to be able to access them:

Additionally, AWS will charge you for egress traffic from your resources back to your runner.

Using Sprinters

With Sprinters, all traffic stays within AWS:

If your runner is in the same region as your resources, there will be no data transfer charge and you will benefit from the lowest latency and highest transfer rates.

Using IAM instance profiles (Sprinters-only)

In addition to GitHub Actions secrets and OpenID Connect , Sprinters also gives you a third option not available to GitHub-hosted runners to access the resources in your AWS account: IAM instance profiles .

IAM instance profiles are an easy and secure way to give your runner’s EC2 instance short-lived temporary credentials that can be used to access the resources in your AWS account.

All you need to do is create a role with the required permissions in the AWS console and pass its instance profile name to sprinters:

runs-on: sprinters:aws/123456789012:ubuntu-latest:profile=my-instance-profile

And all software on your runner that uses an AWS SDK will automatically pick up these credentials to securely connect to your resources.

If your runner is in the same region as your resources, there will be no data transfer charge and you will benefit from the lowest latency and highest transfer rates.