Skip to content

Commit

Permalink
Use IAM roles for cd instead of IAM keys (#95)
Browse files Browse the repository at this point in the history 
* Add step for configuring role-based credentials

* Remove key-related envs
  • Loading branch information
@dkluba
dkluba authored Feb 26, 2024
1 parent 057d986 commit 1848136
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions .github/workflows/cd.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,14 @@ jobs:
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
- run: npm i aws-sdk@^2.977.0
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
role-to-assume: ${{ secrets.RELEASE_ROLE_ARN }}
role-session-name: OIDCSession
- run: node scripts/publish-to-cdn.js
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
RUM_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.RUM_CLOUDFRONT_DISTRIBUTION_ID }}
RUM_S3_BUCKET: ${{ secrets.RUM_S3_BUCKET }}
SLACK_WEBHOOK_TRACING_RELEASES: ${{ secrets.SLACK_WEBHOOK_TRACING_RELEASES }}

0 comments on commit 1848136

Please sign in to comment.