diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 4ddd7e4c..d42585d9 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -7,6 +7,11 @@ env:
 DOCKER_BUILDKIT: 1
 DOCKER_CACHE_PATH: ${{ github.workspace }}/tmp/docker-cache
+permissions:
+ id-token: write
+ contents: read
+ actions: read
+
 jobs:
 release:
 name: Release
@@ -27,10 +32,9 @@ jobs:
 uses: rlespinasse/github-slug-action@v3.x
 - name: Configure AWS credentials
- uses: aws-actions/configure-aws-credentials@v2
+ uses: aws-actions/configure-aws-credentials@v3
 with:
- aws-access-key-id: ${{ secrets.DEPLOYER_PRODUCTION_ACCESS_KEY }}
- aws-secret-access-key: ${{ secrets.DEPLOYER_PRODUCTION_SECRET_KEY }}
+ role-to-assume: ${{ secrets.DEPLOYER_PRODUCTION_ROLE_ARN }}
 aws-region: ${{ env.AWS_REGION }}
 - name: Login to Amazon ECR
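Review bot: The added `permissions:` block sits at workflow level, so `id-token: write` is granted to every job in this file rather than only to the job that assumes the AWS role. Only `release` is visible in this hunk; if the file defines other jobs, move the block under `release:` so that just that job can request an OIDC token. A one-line comment above the scope, such as `# id-token: write is needed for OIDC role assumption in "Configure AWS credentials"`, would record why a write scope is present. `actions: read` should get the same justification, or be dropped if no step reads workflow-run data. Declaring `permissions:` also sets every unlisted scope to none, so if a later step outside this hunk pushes tags or creates a GitHub release, it would need `contents: write` granted at job level.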
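Review bot: `aws-actions/configure-aws-credentials@v3` and the context line `rlespinasse/github-slug-action@v3.x` are referenced by mutable tags, and with `id-token: write` now granted, any step in this job can request an OIDC token for the production deploy role. Pin both to a full commit SHA, for example `uses: aws-actions/configure-aws-credentials@<full-commit-sha>  # v3`, so a retagged release cannot change what runs with that token. The IAM side is not visible in the diff, so confirm that the role's trust policy restricts `token.actions.githubusercontent.com:sub` to this repository and its release ref or environment, and `token.actions.githubusercontent.com:aud` to `sts.amazonaws.com`. The commit only stops referencing `DEPLOYER_PRODUCTION_ACCESS_KEY` and `DEPLOYER_PRODUCTION_SECRET_KEY`, so the key pair should also be deactivated in IAM and the two repository secrets deleted once the OIDC path is verified. The step list continues outside the hunk.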