From b39512ed755239198a9c294b6a45e65c05900235 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Thu, 18 Aug 2022 08:17:02 +0000 Subject: Add latest changes from gitlab-org/gitlab@15-3-stable-ee --- doc/ci/cloud_services/aws/index.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'doc/ci/cloud_services/aws/index.md') diff --git a/doc/ci/cloud_services/aws/index.md b/doc/ci/cloud_services/aws/index.md index dc8dfd95899..2e1abf83a11 100644 --- a/doc/ci/cloud_services/aws/index.md +++ b/doc/ci/cloud_services/aws/index.md @@ -62,16 +62,14 @@ After you configure the OIDC and role, the GitLab CI/CD job can retrieve a tempo assume role: script: - > - STS=($(aws sts assume-role-with-web-identity + export $(printf "AWS_ACCESS_KEY_ID=%s AWS_SECRET_ACCESS_KEY=%s AWS_SESSION_TOKEN=%s" + $(aws sts assume-role-with-web-identity --role-arn ${ROLE_ARN} --role-session-name "GitLabRunner-${CI_PROJECT_ID}-${CI_PIPELINE_ID}" --web-identity-token $CI_JOB_JWT_V2 --duration-seconds 3600 --query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken]' --output text)) - - export AWS_ACCESS_KEY_ID="${STS[0]}" - - export AWS_SECRET_ACCESS_KEY="${STS[1]}" - - export AWS_SESSION_TOKEN="${STS[2]}" - aws sts get-caller-identity ``` -- cgit v1.2.3