Seed iam role update (#735)

* Git repo url

* Editing Seed IAM role steps

Author: jayair

_chapters/changelog.md

@@ -23,10 +23,16 @@ You can get these updates emailed to you via our [newsletter]({% link newsletter
 
 ### Changes
 
-#### [v8.0: {{ site.data.changelog.current.title }}](https://branchv80.archives.sst.dev/) (Current)
+#### [v8.0.1: {{ site.data.changelog.current.title }}](https://branchv801.archives.sst.dev/) (Current)
 
 {{ site.data.changelog.current.desc }}
 
+- [Tutorial changes]({{ site.github_repo }}/compare/v8.0...v8.0.1)
+
+#### [v8.0: {{ site.data.changelog.v8-0.title }}](https://branchv80.archives.sst.dev/)
+
+{{ site.data.changelog.v8-0.desc }}
+
 - [Tutorial changes]({{ site.github_repo }}/compare/v7.4...v8.0)
 - [Demo notes app source]({{ site.sst_demo_repo }}/compare/v1.4...v2.0)
 

_chapters/setting-up-your-project-on-seed.md

@@ -28,34 +28,46 @@ Next, Seed will automatically detect the `sst.config.ts` file in your repo. Clic
 
 ![SST app detected](/assets/part2/sst-app-detected.png)
 
-Seed deploys to your AWS account on your behalf. You should create a separate IAM user with exact permissions that your project needs. You can read more about this [here](https://seed.run/docs/customizing-your-iam-policy). But for now we'll simply use the one we've used in this tutorial.
+Seed uses an IAM role to deploy to your AWS account on your behalf. It's more secure than the IAM user we created previously in this guide. An IAM role gives Seed temporary IAM credentials to deploy your app. These credentials expire after a short period of time.
 
-{%change%} Run the following command.
+![Seed AWS IAM Role form](/assets/part2/seed-aws-iam-role-form.png)
 
-``` bash
-$ cat ~/.aws/credentials
-```
+You should create this IAM role with the exact permissions that your project needs. You can read more about this [here](https://seed.run/docs/customizing-your-iam-policy). But for now we'll simply use the default one.
 
-The output should look something like this.
+![Seed create IAM role](/assets/part2/seed-create-iam-role.png)
 
-``` txt
-[default]
-aws_access_key_id = YOUR_IAM_ACCESS_KEY
-aws_secret_access_key = YOUR_IAM_SECRET_KEY
-```
+Click the **Create an IAM Role using CloudFormation** button. This will send you to the AWS Console and ask you to create a CloudFormation stack.
 
-Seed will also create a couple of stages (or environments) for you. By default, it'll create a **dev** and a **prod** stage using the same AWS credentials. You can customize these but we'll use the defaults.
+![AWS create CloudFormation stack](/assets/part2/aws-create-cloudformation-stack.png)
+
+Scroll down, **confirm** the checkbox at the bottom and click **Create stack**.
+
+![AWS click create CloudFormation stack](/assets/part2/aws-click-create-cloudformation-stack.png)
 
-Fill in the credentials and click **Add a New App**.
+It will take a couple of minutes to create the stack. Once complete, click the **Outputs** tab.
+
+![AWS CloudFormation stack outputs](/assets/part2/aws-cloudformation-stack-outputs.png)
+
+Copy the **RoleArn value**. Ours looks something like this.
+
+```text
+arn:aws:iam::206899313015:role/seed/seed-role-SeedRole-BXQYLZX7AB8J
+```
+
+Now back in Seed, you can paste the credentials.
 
 ![Add AWS IAM credentials](/assets/part2/add-aws-iam-credentials.png)
 
-Your new app is created. You'll notice a few things here. First, we have a service called **notes**. It's picking up the name from our `sst.config.ts` file. You can choose to change this by clicking on the service and editing its name.  You'll also notice the two stages that have been created.
+Seed will also create a couple of stages (or environments) for you. By default, it'll create a **dev** and a **prod** stage using the same AWS credentials. You can customize these but we'll use the defaults.
 
-Our app can have multiple services within it. A service (roughly speaking) is a reference to a `sst.config.ts` or `serverless.yml` file (for Serverless Framework). In our case we just have the one service.
+Finally click **Add a New App**.
+
+Your new app is created. You'll notice a few things here. First, we have a service called **notes**. It's picking up the name from our `sst.config.ts` file. You can choose to change this by clicking on the service and editing its name.  You'll also notice the two stages that have been created.
 
 ![Seed app homepage](/assets/part2/seed-app-homepage.png)
 
+Our app can have multiple services within it. A service (roughly speaking) is a reference to a `sst.config.ts` or `serverless.yml` file (for Serverless Framework). In our case we just have the one service.
+
 Now before we proceed to deploying our app, we need to enable running unit tests as a part of our build process. You'll recall that we had added a couple of tests back in the [unit tests]({% link _chapters/unit-tests-in-serverless.md %}) chapter. And we want to run those before we deploy our app.
 
 To do this, hit the **Settings** link and click **Enable Unit Tests**.

_data/changelog.yml

@@ -1,4 +1,8 @@
 current:
+  title: "Updating Seed to IAM roles"
+  desc: "Sep 15, 2023: Minor changes to the setting up your project on Seed chapter."
+
+v8-0:
   title: "Updating to TypeScript"
   desc: "Aug 31, 2023: Using TS by default, switching to pnpm, and using Vite instead of Create React App. And archiving old chapters."
 

_includes/footer.html

@@ -247,7 +247,7 @@
       ? parseFloat((num / 1000).toFixed(1)) + "k"
       : num;
   }
-  $.ajax("https://api.github.com/repos/serverless-stack/sst")
+  $.ajax("https://api.github.com/repos/sst/sst")
     .done(function(data) {
       $("#github-star-count").text(formatStars(data.stargazers_count));
     });