diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index d6852afa2..44509f4d3 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -3,15 +3,26 @@ on:
   release:
     types: [created]
 
+permissions:
+  contents: write
+  id-token: write
+
 jobs:
   build:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v5.1.0
+        with:
+          aws-region: us-east-1
+          role-to-assume: arn:aws:iam::028537455170:role/Github/GithubAssetsUploadRole_noVNC-client
+          role-session-name: GithubAction
 
       - name: Upload to s3
-        run: ./uploadToS3.sh "${{ secrets.ASSETS_UPLOADER_KEY }}" "${{ secrets.ASSETS_UPLOADER_SECRET }}" "${{ github.event.release.tag_name }}"
+        run: ./uploadToS3.sh "${{ github.event.release.tag_name }}"
 
       - name: Slack
         uses: codio/codio-slack-action@master
diff --git a/uploadToS3.sh b/uploadToS3.sh
index b12d67b27..82abdac8f 100755
--- a/uploadToS3.sh
+++ b/uploadToS3.sh
@@ -1,9 +1,7 @@
 #!/bin/bash
 set -xe
 
-s3Key=$1
-s3Secret=$2
-tag=$3
+tag=$1
 folder="noVNC"
 cdn="\/\/static-assets.codio.com\/${folder}\/${tag}"
 
@@ -17,16 +15,20 @@ replaceTagVersion () {
 
 replaceJsUrls () {
   sed -i "s/\.\/package\.json/${cdn}\/package\.json/" "./app/ui.js"
+  sed -i "s/\"app\//\"${cdn}\/app\//" "./app/ui.js"
 }
 
 prepareSources () {
   replaceHtmlUrls "href=\"app\/" "href=\"${cdn}\/app\/"
   replaceHtmlUrls "src=\"app\/" "src=\"${cdn}\/app\/"
+  replaceHtmlUrls "from \".\/" "from \"${cdn}\/"
+  replaceHtmlUrls "from '.\/" "from '${cdn}\/"
+  replaceHtmlUrls "fetch('.\/" "fetch('${cdn}\/"
   replaceTagVersion
   replaceJsUrls
 }
 
-readarray -d '' files < <(find ./ -type f -print0)
+readarray -d '' files < <(find ./ -type f -not -path "*/.git/*" -not -path "*/.github/*" -print0)
 
 getContentType () {
   filename=$1
@@ -58,16 +60,9 @@ uploadFile () {
   fName="${file#./}"
   contentType=$2
   bucket="codio-assets"
-  resource="/${bucket}/${folder}/${tag}/${fName}"
-  dateValue=$(date -R)
-  stringToSign="PUT\n\n${contentType}\n${dateValue}\n${resource}"
-  signature=$(echo -en "${stringToSign}" | openssl sha1 -hmac "${s3Secret}" -binary | base64)
-  curl -X PUT -T "${file}" \
-    -H "Host: ${bucket}.s3.amazonaws.com" \
-    -H "Date: ${dateValue}" \
-    -H "Content-Type: ${contentType}" \
-    -H "Authorization: AWS ${s3Key}:${signature}" \
-    https://${bucket}.s3.amazonaws.com/"${folder}"/"${tag}"/"${fName}" || exit 1
+  resource="s3://${bucket}/${folder}/${tag}/${fName}"
+
+  aws s3 cp "${file}" "${resource}" --cache-control no-cache --content-type "${contentType}"
 }
 
 prepareSources