Hi, I wrote this post about automating your IaC for AWS with Github Actions. It focuses a lot on setting up the IAM resources necessary (with pulumi of course) so that you can have GHA fully automate the preview and apply of your IaC. I hope it's helpful to anyone getting started.
https://fearlessaws.substack.com/p/automating-infrastructure-as-code