fix: oidc role name in cicd

edelwud · Mar 15, 2023 · 6a72fb6 · 6a72fb6
1 parent 94ce44f
commit 6a72fb6
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 7 deletions.
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -52,7 +52,7 @@ jobs:
           aws-region: us-west-2
           role-duration-seconds: 1800
           role-skip-session-tagging: true
-          role-to-assume: arn:aws:iam::762714406455:role/GithubActionsDeployRole
+          role-to-assume: arn:aws:iam::762714406455:role/GitHubActionRole
           role-session-name: github-actions-runner
       - id: Publish
         name: Publish Assets-FileAsset1
@@ -81,7 +81,7 @@ jobs:
           aws-region: us-west-2
           role-duration-seconds: 1800
           role-skip-session-tagging: true
-          role-to-assume: arn:aws:iam::762714406455:role/GithubActionsDeployRole
+          role-to-assume: arn:aws:iam::762714406455:role/GitHubActionRole
           role-session-name: github-actions-runner
       - id: Publish
         name: Publish Assets-FileAsset2
@@ -110,7 +110,7 @@ jobs:
           aws-region: us-west-2
           role-duration-seconds: 1800
           role-skip-session-tagging: true
-          role-to-assume: arn:aws:iam::762714406455:role/GithubActionsDeployRole
+          role-to-assume: arn:aws:iam::762714406455:role/GitHubActionRole
           role-session-name: github-actions-runner
       - id: Publish
         name: Publish Assets-FileAsset3
@@ -132,7 +132,7 @@ jobs:
           aws-region: us-east-1
           role-duration-seconds: 1800
           role-skip-session-tagging: true
-          role-to-assume: arn:aws:iam::762714406455:role/GithubActionsDeployRole
+          role-to-assume: arn:aws:iam::762714406455:role/GitHubActionRole
           role-session-name: github-actions-runner
       - name: Assume CDK Deploy Role
         uses: aws-actions/configure-aws-credentials@v1-node16
@@ -171,7 +171,7 @@ jobs:
           aws-region: us-east-1
           role-duration-seconds: 1800
           role-skip-session-tagging: true
-          role-to-assume: arn:aws:iam::762714406455:role/GithubActionsDeployRole
+          role-to-assume: arn:aws:iam::762714406455:role/GitHubActionRole
           role-session-name: github-actions-runner
       - name: Assume CDK Deploy Role
         uses: aws-actions/configure-aws-credentials@v1-node16

diff --git a/src/github-actions.stack.ts b/src/github-actions.stack.ts
@@ -10,7 +10,6 @@ import { Construct } from "constructs";
 
 export class GithubActionsStack extends Stack {
   role = new GitHubActionRole(this, "GithubActionsRole", {
-    roleName: "GithubActionsDeployRole",
     repos: ["edelwud/dynamodb-s3-export"],
   });
 
@@ -19,7 +18,7 @@ export class GithubActionsStack extends Stack {
       commands: ["yarn", "npx projen build"],
     }),
     awsCreds: AwsCredentials.fromOpenIdConnect({
-      gitHubActionRoleArn: `arn:aws:iam::${this.account}:role/GithubActionsDeployRole`,
+      gitHubActionRoleArn: `arn:aws:iam::${this.account}:role/GitHubActionRole`,
       roleSessionName: "github-actions-runner",
     }),
   });