CI/CD: Secrets — migrate to GitHub Actions OIDC for AWS credentials

[Hexstar-labs]

Description:
Long-lived AWS access keys stored as GitHub secrets are a security risk.

Tasks:

• Configure AWS IAM OIDC identity provider for GitHub Actions
• Create IAM role with least-privilege policy for deployment
• Update deployment workflows to use aws-actions/configure-aws-credentials with OIDC
• Remove static AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY secrets
• Document OIDC setup in docs/aws-oidc.md

---

[0xMegie]

@0xMegie has applied to work on this issue as part of the Stellar Wave Program's 3rd wave.

Can I work on this?

ℹ️ Repo Maintainers: To accept this application, review their application or assign @0xMegie to this issue.

[Nonso-Eze]

@Nonso-Eze has applied to work on this issue as part of the Stellar Wave Program's 3rd wave.

Can I work on this issue

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Nonso-Eze to this issue.

[drips-wave]

Congratulations, @Nonso-Eze! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on March 30, 2026.

🧑‍💻 @Nonso-Eze: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊

[drips-wave]

This issue has been completed by @Nonso-Eze as part of the Stellar Wave Program's 3rd Wave 🥳

😎 @Nonso-Eze: You earned 200 Points for completing this issue! After the current Wave ends, you'll be eligible for a percentage of the Wave's reward pool based on the percentage of total points you've earned. Learn more here. You can also Leave a review to share your experience working on this issue.

🧑‍💻 Repo maintainers: How'd the contributor do? Leave a review to share your experience working with them.