Merge pull request #91 from scribd/helen/SERF-3090/oidc
[SERF-3090] Use role base access in AWS deployment
helenff authored Dec 21, 2023
2 parents 9e3d01f + 2accd49 commit 11792c3
Showing 1 changed file with 7 additions and 3 deletions.
10 changes: 7 additions & 3 deletions .github/workflows/release.yml
Expand Up @@ -7,6 +7,11 @@ env:
DOCKER_BUILDKIT: 1
DOCKER_CACHE_PATH: ${{ github.workspace }}/tmp/docker-cache

permissions:
id-token: write
contents: read
actions: read

jobs:
release:
name: Release
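Review bot: the `permissions:` block sits at workflow level, above `jobs:`, so `id-token: write` is granted to every job in this workflow rather than only the one that assumes the AWS role. Move the block under the `release` job so that a job added later cannot request an OIDC token by default. `actions: read` is not obviously required by anything in this hunk; confirm which step needs it or drop it.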
Expand All @@ -27,10 +32,9 @@ jobs:
uses: rlespinasse/[email protected]

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
uses: aws-actions/configure-aws-credentials@v3
with:
aws-access-key-id: ${{ secrets.DEPLOYER_PRODUCTION_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.DEPLOYER_PRODUCTION_SECRET_KEY }}
role-to-assume: ${{ secrets.DEPLOYER_PRODUCTION_ROLE_ARN }}
aws-region: ${{ env.AWS_REGION }}

- name: Login to Amazon ECR
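Review bot: `uses: aws-actions/configure-aws-credentials@v3` references a mutable tag on the step that now exchanges the job's OIDC token for production role credentials; pin it to the full commit SHA of the v3 release you reviewed, keeping the tag in a trailing comment. With the static keys gone, access control rests on the trust policy of the role behind `DEPLOYER_PRODUCTION_ROLE_ARN`, which is not part of this change: confirm it conditions on the `sub` claim for this repository and release ref, and on `aud` being `sts.amazonaws.com`. After this is deployed, delete the `DEPLOYER_PRODUCTION_ACCESS_KEY` and `DEPLOYER_PRODUCTION_SECRET_KEY` secrets and deactivate the matching IAM access key.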