From 9d1c42024f82ae2063a158f6872c3a795263ea99 Mon Sep 17 00:00:00 2001
From: kellertk <kellertk@amazon.com>
Date: Wed, 11 Mar 2026 17:20:56 -0700
Subject: [PATCH] chore: revert "chore: static integ test refactor (#1655)"

This reverts commit b6772acfeb807319db8477844e12030ec8939632.
---
 .github/workflows/tests-integ-release.yml | 43 ++++-------------------
 1 file changed, 6 insertions(+), 37 deletions(-)

diff --git a/.github/workflows/tests-integ-release.yml b/.github/workflows/tests-integ-release.yml
index 4e61825..32a254e 100644
--- a/.github/workflows/tests-integ-release.yml
+++ b/.github/workflows/tests-integ-release.yml
@@ -34,16 +34,11 @@ jobs:
   #can cut this test out if it's not necessary
   static_assumeRole:
     if: ${{ github.event_name == 'workflow_dispatch' || (github.event.pull_request.user.login == 'aws-sdk-osds' && github.repository == 'aws-actions/configure-aws-credentials') }}
-    permissions:
-        id-token: write
     strategy: 
         fail-fast: false
         matrix:
             os: [windows-latest, ubuntu-latest, macos-latest]
     runs-on: ${{ matrix.os }}
-    defaults: 
-        run:
-            shell: bash
     name: Static IAM creds test
     steps:
       - name: checkout
@@ -51,42 +46,16 @@ jobs:
         with:
             fetch-depth: 0
             persist-credentials: false
-      - name: assume creator Role
+      - name: Configure AWS credentials
         uses: ./
         with:
             aws-region: us-west-2
-            role-to-assume: ${{ secrets.STATIC_USER_CREATION_ROLE }}
-      - name: create and mask access key
-        id: create-key
-        run: | 
-            AK_OUTPUT=$(aws iam create-access-key --user-name integ-test-static-user-${{ runner.os }})
-            AK_ID=$(echo $AK_OUTPUT | jq -r '.AccessKey.AccessKeyId')
-            SECRET_AK=$(echo $AK_OUTPUT | jq -r '.AccessKey.SecretAccessKey')
-            echo "::add-mask::$AK_ID"
-            echo "::add-mask::$SECRET_AK"
-            echo "STATIC_ACCESS_KEY_ID=$AK_ID" >> $GITHUB_OUTPUT
-            echo "STATIC_SECRET_ACCESS_KEY=$SECRET_AK" >> $GITHUB_OUTPUT
-      - name: sleep so key can propagate
-        run: sleep 30
-      - name: assume role with static creds
-        uses: ./
-        with:
-            aws-region: us-west-2
-            role-to-assume: ${{ secrets.STATIC_TEST_TARGET_ROLE }}
-            aws-access-key-id: ${{ steps.create-key.outputs.STATIC_ACCESS_KEY_ID }}
-            aws-secret-access-key: ${{ steps.create-key.outputs.STATIC_SECRET_ACCESS_KEY }}
-      - name: check account
-        run: aws sts get-caller-identity
-      - name: log back into creator role
-        if: success() || failure()
-        uses: ./
-        with:
-            aws-region: us-west-2
-            role-to-assume: ${{ secrets.STATIC_USER_CREATION_ROLE }}
-      - name: delete access key
-        if: success() || failure()
+            aws-access-key-id: ${{ secrets.STATIC_ak_id }}
+            aws-secret-access-key: ${{ secrets.STATIC_secret_ak }}
+            role-to-assume: ${{ secrets.STATIC_role }}
+      - name: Get Caller Identity
         run: |
-            aws iam delete-access-key --user-name integ-test-static-user-${{ runner.os }} --access-key-id ${{ steps.create-key.outputs.STATIC_ACCESS_KEY_ID }}
+          aws sts get-caller-identity
 
   role_chaining:
     if: ${{ github.event_name == 'workflow_dispatch' || (github.event.pull_request.user.login == 'aws-sdk-osds' && github.repository == 'aws-actions/configure-aws-credentials') }}