From d376d1ad6d99e84cc4e76d32069e1b5edfbaad30 Mon Sep 17 00:00:00 2001
From: Artur Finger <fingerartur@gmail.com>
Date: Mon, 20 Nov 2023 15:20:25 +0200
Subject: [PATCH] aws cred

---
 .github/workflows/publish.yml | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 410525d..4ad76f5 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -11,6 +11,9 @@ env:
   # VERSION: ${{ github.event.release.tag_name }}
   VERSION: 0.7.7
 
+permissions:
+  id-token: write
+
 jobs:
   publish:
     name: Publish a new version
@@ -58,11 +61,11 @@ jobs:
 
       # # TODO how does this work? Does the repo need to be registered to be
       # # able to assume that role or what?
-      # - name: Assume AWS role
-      #   uses: aws-actions/configure-aws-credentials@v1-node16
-      #   with:
-      #     role-to-assume: arn:aws:iam::068037490145:role/prestoplay-web-web-uploader
-      #     aws-region: us-east-1
+      - name: Assume AWS role
+        uses: aws-actions/configure-aws-credentials@v1-node16
+        with:
+          role-to-assume: arn:aws:iam::068037490145:role/prestoplay-web-web-uploader
+          aws-region: us-east-1
 
       # Is there a dry run? Let's perhaps try version 0.0.1
       # - name: Upload to S3