From 9278398e0ea7271f580d8153eeae67a35b9a2479 Mon Sep 17 00:00:00 2001
From: Dennis Henry <dennis.henry@okta.com>
Date: Mon, 6 Jan 2025 10:15:11 -0500
Subject: [PATCH 1/3] Update build.yml

---
 .github/workflows/build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 8ced70b..21ef5ad 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -42,7 +42,7 @@ jobs:
       run: yarn
 
     - name: Configure AWS Credentials using OIDC
-      uses: aws-actions/configure-aws-credentials@v4
+      uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4 on 2025-01-06
       with:
         role-to-assume: ${{ secrets.awsIAMS3UploadRole }}
         role-session-name: github-action-account-link-extension-publish

From cdb37a6422a99e7a78776bac2cf6cd11b0a154bf Mon Sep 17 00:00:00 2001
From: Dennis Henry <dennis.henry@okta.com>
Date: Mon, 6 Jan 2025 10:23:10 -0500
Subject: [PATCH 2/3] Update build.yml

---
 .github/workflows/build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 21ef5ad..9b96abf 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -44,7 +44,7 @@ jobs:
     - name: Configure AWS Credentials using OIDC
       uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4 on 2025-01-06
       with:
-        role-to-assume: ${{ secrets.awsIAMS3UploadRole }}
+        role-to-assume: arn:aws:iam::010616021751:role/s3-upload-account-link-extension
         role-session-name: github-action-account-link-extension-publish
         aws-region: us-west-1
 

From 2fd0ce006cc8b2316ccc84c7af7f1faf88eca47d Mon Sep 17 00:00:00 2001
From: Dennis Henry <dennis.henry@okta.com>
Date: Mon, 6 Jan 2025 10:50:12 -0500
Subject: [PATCH 3/3] Update build.yml

---
 .github/workflows/build.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 9b96abf..b6c48a5 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -9,6 +9,9 @@ permissions:
   id-token: write
   contents: read
 
+env:
+  AWS_ROLE: ${{ secrets.awsIAMS3UploadRole }}
+
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -44,7 +47,7 @@ jobs:
     - name: Configure AWS Credentials using OIDC
       uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4 on 2025-01-06
       with:
-        role-to-assume: arn:aws:iam::010616021751:role/s3-upload-account-link-extension
+        role-to-assume: ${{ env.AWS_ROLE }}
         role-session-name: github-action-account-link-extension-publish
         aws-region: us-west-1