From 47813a57a0730ccc61a8c25512c2da6a14e531ab Mon Sep 17 00:00:00 2001
From: Justin Plock <jplock@users.noreply.github.com>
Date: Sat, 7 Dec 2024 12:07:40 -0800
Subject: [PATCH] Recommend using GitHub OIDC role assumption over hardcoded
 access keys

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index d8f03a2..4baf1f1 100644
--- a/README.md
+++ b/README.md
@@ -27,8 +27,8 @@ jobs:
           token: ${{ secrets.GITHUB_TOKEN }}
       - uses: aws-actions/configure-aws-credentials@v2
         with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          role-to-assume: ${{ secrets.ASSUME_ROLE_ARN }}
+          role-session-name: ci
           aws-region: us-east-2
       # Build inside Docker containers
       - run: sam build --use-container