diff --git a/.github/workflows/build-docker-image-and-binaries.yaml b/.github/workflows/build-docker-image-and-binaries.yaml
index f80e0745c..b70870ba3 100644
--- a/.github/workflows/build-docker-image-and-binaries.yaml
+++ b/.github/workflows/build-docker-image-and-binaries.yaml
@@ -31,7 +31,7 @@ jobs:
 uses: aws-actions/configure-aws-credentials@v1
 with:
 aws-region: us-east-2
- role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/ghwf-axelar-core
+ role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/ghwf-${{ github.event.repository.name }}
 - name: Validate tag
 env:
diff --git a/.github/workflows/build-latest-docker-image.yaml b/.github/workflows/build-latest-docker-image.yaml
index 47e684edd..d50535e11 100644
--- a/.github/workflows/build-latest-docker-image.yaml
+++ b/.github/workflows/build-latest-docker-image.yaml
@@ -39,7 +39,7 @@ jobs:
 uses: aws-actions/configure-aws-credentials@v1
 with:
 aws-region: us-east-2
- role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/ghwf-axelar-core
+ role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/ghwf-${{ github.event.repository.name }}
 - name: Login to Amazon ECR
 id: login-ecr
diff --git a/.github/workflows/take-snapshot.yaml b/.github/workflows/take-snapshot.yaml
index 9e41fd2d2..be6a39c61 100644
--- a/.github/workflows/take-snapshot.yaml
+++ b/.github/workflows/take-snapshot.yaml
@@ -11,15 +11,16 @@ jobs:
 deploy:
 name: Deploy
 runs-on: ubuntu-latest
-
+ permissions:
+ id-token: write
+ contents: read
 steps:
 - name: Configure AWS credentials
 uses: aws-actions/configure-aws-credentials@v1
 with:
- aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
- aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
 aws-region: us-east-2
+ role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/ghwf-${{ github.event.repository.name }}
 - name: Validate tag
 env:
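Review bot: The new `role-to-assume` line in build-docker-image-and-binaries.yaml builds the role ARN from `github.event.repository.name`, so the workflow no longer fixes which role is requested. What binds the role to this repository is then the IAM trust policy's condition on the OIDC `sub` claim, which is not visible in this commit. A comment above the line would record that dependency, for example `# role name tracks the repo name; the role's trust policy must restrict the OIDC sub claim to this repository`. The value is read from the event payload and the workflow triggers lie outside the hunk, so it is worth confirming that every trigger populates `repository`; an empty expansion would request `role/ghwf-` and fail the step. The same line is added in build-latest-docker-image.yaml and take-snapshot.yaml.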
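Review bot: In take-snapshot.yaml the deploy job now grants `id-token: write` while `aws-actions/configure-aws-credentials` is still referenced by the movable `@v1` tag, so whatever that tag resolves to at run time can request the job's OIDC token and receives the assumed role's credentials. Pinning the step to a full commit SHA removes that dependency on the tag: `uses: aws-actions/configure-aws-credentials@<full-commit-sha>  # v1` (placeholder; take the SHA from the action's release). The same `@v1` reference appears as context in the two build workflows. Separately, the static access key this hunk stops referencing stays usable until it is deactivated in IAM and the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` secrets are removed from the repository.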