diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 52473ba..a71c026 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -19,6 +19,10 @@ on:
     branches:
       - "main"
 
+permissions:
+  id-token : write
+  contents: read
+
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -34,7 +38,7 @@ jobs:
 
       - uses: aws-actions/configure-aws-credentials@master
         with:
-          role-session-name: GitHubActions
+          role-session-name: ${{ github.run_id }}
           role-to-assume: ${{ secrets.AWS_FRONTEND_DEPLOYMENT_ROLE_ARN }}
           aws-region: ${{ vars.AWS_REGION }}