Skip to content

Commit 9a4a808

Browse files
authored
ci: switch AWS auth step to OIDC (#494)
Move upload process to auth via OIDC instead of a stored secret Related to neverendingsupport/infra-terraform#566
1 parent 6c2ef54 commit 9a4a808

1 file changed

Lines changed: 4 additions & 3 deletions

File tree

.github/workflows/manual-release.yml

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -105,9 +105,10 @@ jobs:
105105
- name: Configure AWS credentials
106106
uses: aws-actions/configure-aws-credentials@v5
107107
with:
108-
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
109-
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
110-
aws-region: us-east-1
108+
role-to-assume: ${{ vars.aws_oidc_role_arn }}
109+
role-session-name: herodevs_cli_upload
110+
aws-region: ${{ vars.AWS_REGION }}
111+
111112

112113
- name: Upload and promote to S3
113114
run: |

0 commit comments

Comments
 (0)