The previous script only exported AWS_WEB_IDENTITY_TOKEN_FILE and
AWS_ROLE_ARN, expecting AWS CLI/Terraform to pick them up automatically.
However, Terraform's S3 backend does not use these variables implicitly.
Now we explicitly call 'aws sts assume-role-with-web-identity',
parse the JSON response, and export the temporary credentials:
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- AWS_SESSION_TOKEN
Also exports AWS_REGION for Terraform S3 backend compatibility.
Fixes pipeline failure in step 03_terraform with:
InvalidIdentityToken: Incorrect token audience
Evert Daniel Romero Garrido
ec40b94795