Is it possible assume role rather than explicitly providing the credentials?
Context: When running on Kubernetes (EKS), we use a Kubernetes ServiceAccount. We don't even have these values: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN. Instead we have AWS_ROLE_ARN and AWS_WEB_IDENTITY_TOKEN_FILE. So for example, when using boto3, it automagically detects this and handles assuming the role.
Is it possible assume role rather than explicitly providing the credentials?
Context: When running on Kubernetes (EKS), we use a Kubernetes
ServiceAccount. We don't even have these values:AWS_ACCESS_KEY_ID,AWS_SECRET_ACCESS_KEY,AWS_SESSION_TOKEN. Instead we haveAWS_ROLE_ARNandAWS_WEB_IDENTITY_TOKEN_FILE. So for example, when usingboto3, it automagically detects this and handles assuming the role.boto3 Assume Role With Web Identity Provider
EKS Docs IAM roles for service accounts