diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index d4e824f..5f28525 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -24,9 +24,9 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Checkout code
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
 - name: Setup Terraform
- uses: hashicorp/setup-terraform@v1
+ uses: hashicorp/setup-terraform@v2
 with:
 terraform_version: ${{ matrix.terraform_version }}
 - name: Initialise with no backend
diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
index 3808a72..7fd4484 100644
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@@ -34,7 +34,7 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Checkout code
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
 - name: Run tfsec
 uses: tfsec/tfsec-sarif-action@v0.1.4
 with:
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4add4a9..b78360b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,10 @@ Notable changes to this project are documented in this changelog. This project adheres to the [semantic versioning] specification. +## [1.7.0] – 2023-10-26 + +- Add the OIDC provider ARN as an output ([11d98e3](https://github.com/unfunco/terraform-aws-oidc-github/commit/11d98e3dea7ca8e41be157d21fe4769c31fe7570)) + ## [1.6.0] – 2023-09-07 - Allow additional audiences to be specified ([d5f4644](https://github.com/unfunco/terraform-aws-oidc-github/commit/d5f46444ed4018b88d0204df037ac3b4dbca7a03))
@@ -133,4 +137,5 @@ This project adheres to the [semantic versioning] specification.
 [1.5.1]: https://github.com/unfunco/terraform-aws-oidc-github/compare/v1.5.0...v1.5.1
 [1.5.2]: https://github.com/unfunco/terraform-aws-oidc-github/compare/v1.5.1...v1.5.2
 [1.6.0]: https://github.com/unfunco/terraform-aws-oidc-github/compare/v1.5.2...v1.6.0
+[1.7.0]: https://github.com/unfunco/terraform-aws-oidc-github/compare/v1.6.0...v1.7.0
 [semantic versioning]: https://semver.org
diff --git a/README.md b/README.md
index 310c293..f52f693 100644
--- a/README.md
+++ b/README.md
@@ -30,7 +30,7 @@ provider "aws" { module "oidc_github" { source = "unfunco/oidc-github/aws" - version = "1.6.0" + version = "1.7.0" github_repositories = [ "org/repo",
@@ -53,8 +53,6 @@ jobs:
 id-token: write
 runs-on: ubuntu-latest
 steps:
- - name: Checkout code
- uses: actions/checkout@v3
 - name: Configure AWS credentials
 uses: aws-actions/configure-aws-credentials@v2
 with:
@@ -109,10 +107,11 @@ applied, the JWT will contain an updated `iss` claim. ## Outputs -| Name | Description | -| ------------- | --------------------- | -| iam_role_arn | ARN of the IAM role. | -| iam_role_name | Name of the IAM role. | +| Name | Description | +| ----------------- | ------------------------- | +| iam_role_arn | ARN of the IAM role. | +| iam_role_name | Name of the IAM role. | +| oidc_provider_arn | ARN of the OIDC provider. |
diff --git a/outputs.tf b/outputs.tf
index ec56701..1b51818 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -23,3 +23,9 @@ output "iam_role_name" {
 description = "Name of the IAM role."
 value = var.enabled ? aws_iam_role.github[0].name : ""
 }
+
+output "oidc_provider_arn" {
+ depends_on = [aws_iam_openid_connect_provider.github]
+ description = "ARN of the OIDC provider."
+ value = var.enabled ? aws_iam_openid_connect_provider.github[0].arn : ""
+}
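Review bot: The new `oidc_provider_arn` output in outputs.tf indexes `aws_iam_openid_connect_provider.github[0]` whenever `var.enabled` is true, which is only safe if that resource's `count` is driven by `var.enabled` alone; the resource definition is not in this diff, so that should be confirmed. If the module can be enabled without creating the provider (for example when an existing provider is reused), the output will fail with an invalid index; `value = try(aws_iam_openid_connect_provider.github[0].arn, "")` keeps the empty-string convention of the other outputs and tolerates that case. The explicit `depends_on` is redundant because the value expression already references the resource, so it can be dropped. Since consumers will likely place this ARN in the `Federated` principal of IAM trust policies, the description could also state that the value is an empty string when the module is disabled.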