Switch to OpenID Connect authentication (#383)

Author: errm

.github/workflows/ci.yml

@@ -1,4 +1,6 @@
-
+permissions:
+  id-token: write # This is required for requesting the JWT
+  contents: read  # This is required for actions/checkout
 on:
   pull_request:
     paths-ignore:
@@ -32,11 +34,9 @@ jobs:
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v4
         with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           aws-region: us-east-1
           role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
-          role-skip-session-tagging: true
+          role-session-name: github-actions-ci
       - name: 'Terraform Validate cluster'
         run: terraform validate
         working-directory: 'examples/cluster'
@@ -50,11 +50,9 @@ jobs:
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v4
         with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           aws-region: us-east-1
           role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
-          role-skip-session-tagging: true
+          role-session-name: github-actions-ci
       - name: 'Terratest'
         uses: ./.github/actions/terratest
         with: