A company is using GitHub Actions to run a CI/CD pipeline that accesses resources on AWS. The company has an IAM user that uses a secret key in the pipeline to authenticate to AWS. An existing IAM role with an attached policy grants the required permissions to deploy resources. The company’s security team implements a new requirement that pipelines can no longer use long- lived secret keys. A solutions architect must replace the secret key with a short-lived solution. Which solution will meet these requirements with the LEAST operational overhead?