HENNGE / aiodynamo

Asynchronous, fast, pythonic DynamoDB Client
https://aiodynamo.readthedocs.io/

Support AWS Web Identity Token File authentication #142

Open mrkovalchuk opened 1 year ago

mrkovalchuk commented 1 year ago

aiodynamo doesn't support AWS Web Identity Token File authentication out of the box.

It looks like a typical case. For my team, we would like to use that authentication in our services in k8s by using IAM Roles for Service Accounts (IRSA).

Related issue: https://github.com/HENNGE/aiodynamo/issues/128
Related PR: https://github.com/HENNGE/aiodynamo/pull/127

There was a similar issue, but I decided to create another one because I think we can describe our goal and issue more directly.

So, as discovered in a related PR, we should implement the AssumeRoleWithWebIdentity API for this authentication.

ojii commented 1 year ago

> aiodynamo doesn't support AWS Web Identity Token File authentication.

sorry to be nit-picky, but aiodynamo technically supports any kind of authentication you want, because it allows you to provide a custom credentials loader.

I assume you meant to say "doesn't support it out of the box" and that's fair.

As in #128 #127, my biggest concern with adding this to aiodynamo itself is "how do we test this" (both in unit tests/integration tests and manually on actual EKS). I do not use k8s so if you want to provide an implementation of this credentials loader, please make sure to avoid the issues outlined in #127 and provide clear and simple instructions on how to verify your implementation on EKS/k8s.

mrkovalchuk commented 1 year ago

> sorry to be nit-picky, but aiodynamo technically supports any kind of authentication you want, because it allows you to provide a custom credentials loader.

You're right =) Of course, I meant "doesn't support it out of the box", sorry about it 👍 Also, I didn't expect your answer so quickly!

I prepared a workaround that works for me. I need approval on the concept.

> and provide clear and simple instructions on how to verify your implementation on EKS/k8s.

👍
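
Added example, not part of the thread and not aiodynamo's code: the two pure steps an IRSA credentials loader needs (build the unsigned STS AssumeRoleWithWebIdentity request from the pod's environment, then parse the XML reply), kept free of I/O to STS so they can be unit-tested without EKS, which is the testing concern raised above. `StsKey`, `build_request`, `parse_response`, `needs_refresh`, the default session name and the sample response are hypothetical or constructed; the HTTP call and the wiring into aiodynamo's custom credentials loader are left out.

```python
import urllib.parse
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed sample response (fake values) in the shape STS returns.
SAMPLE_RESPONSE = """<AssumeRoleWithWebIdentityResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
<AssumeRoleWithWebIdentityResult><Credentials>
<AccessKeyId>ASIAEXAMPLEKEYID</AccessKeyId><SecretAccessKey>example-secret</SecretAccessKey>
<SessionToken>example-session-token</SessionToken><Expiration>2030-01-01T12:00:00Z</Expiration>
</Credentials></AssumeRoleWithWebIdentityResult></AssumeRoleWithWebIdentityResponse>"""

@dataclass(frozen=True)
class StsKey:  # hypothetical container, not aiodynamo's own key type
    access_key_id: str
    secret_access_key: str
    session_token: str
    expires: datetime

def build_request(env):
    """Return (url, form_body) for the unsigned AssumeRoleWithWebIdentity call."""
    # Re-read the file on every refresh: the kubelet rotates the projected token.
    with open(env["AWS_WEB_IDENTITY_TOKEN_FILE"], encoding="utf-8") as fobj:
        token = fobj.read().strip()
    if not token:
        raise ValueError("web identity token file is empty")
    region = env.get("AWS_REGION")  # assumption: standard-partition host names
    host = f"sts.{region}.amazonaws.com" if region else "sts.amazonaws.com"
    body = urllib.parse.urlencode({
        "Action": "AssumeRoleWithWebIdentity",
        "Version": "2011-06-15",
        "RoleArn": env["AWS_ROLE_ARN"],
        "RoleSessionName": env.get("AWS_ROLE_SESSION_NAME", "aiodynamo"),
        "WebIdentityToken": token,  # bearer secret: keep the body out of logs
    })
    return f"https://{host}/", body

def parse_response(xml_text):
    """Extract the temporary credentials from the STS XML response."""
    fields = {e.tag.rsplit("}", 1)[-1]: (e.text or "").strip()
              for e in ET.fromstring(xml_text).iter()}
    missing = {"AccessKeyId", "SecretAccessKey", "SessionToken", "Expiration"} - fields.keys()
    if missing:
        raise ValueError(f"STS response is missing {sorted(missing)}")
    expires = datetime.strptime(fields["Expiration"], "%Y-%m-%dT%H:%M:%SZ")
    return StsKey(fields["AccessKeyId"], fields["SecretAccessKey"],
                  fields["SessionToken"], expires.replace(tzinfo=timezone.utc))

def needs_refresh(key, now, margin=timedelta(minutes=5)):
    # Refresh ahead of expiry so in-flight requests never sign with a dead key.
    return now >= key.expires - margin
```

Verifying on a real cluster then reduces to checking that the pod has `AWS_ROLE_ARN` and `AWS_WEB_IDENTITY_TOKEN_FILE` set and that the POST built here returns a response `parse_response` accepts.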