The AWS Secrets Manager Agent is a local HTTP service that you can install and use in your compute environments to read secrets from Secrets Manager and cache them in memory.
When starting up the ASM agent, we validate the credentials available by performing an STS GetCallerIdentity call. This ensures that the agent fails to start up if the credentials are invalid.
https://github.com/aws/aws-secretsmanager-agent/blob/2f1926adb503cedfd8cf92534230ce075aa0e503/aws_secretsmanager_agent/src/utils.rs#L131-L144
Provide a way to disable this STS check through a config parameter, but keep it enabled by default.