Use OIDC Role in workflows

benieric · benieric · commit a1d3183928a2 · 2024-12-19T14:36:48.000-08:00
diff --git a/.github/workflows/botocore-sync.yml b/.github/workflows/botocore-sync.yml
@@ -12,8 +12,8 @@ jobs:
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v4
         with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          role-to-assume: ${{ secrets.CODEBUILD_ROLE_ARN }}
+          role-duration-seconds: 10800
           aws-region: us-west-2
 
       - name: Run CodeBuild
diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml
@@ -14,8 +14,8 @@ jobs:
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v4
         with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          role-to-assume: ${{ secrets.CODEBUILD_ROLE_ARN }}
+          role-duration-seconds: 10800
           aws-region: us-west-2
 
       - name: Run CodeBuild
