cloudyr / aws.signature

Amazon Web Services Request Signatures
https://cloud.r-project.org/package=aws.signature

Support for `.aws/config`? #53

Open vspinu opened 4 years ago

vspinu commented 4 years ago

Please specify whether your issue is about:

My .aws/config file has entries like this

```ini
[profile power]
role_arn = arn:aws:iam::1234567891011:role/PowerUserRole
source_profile = default
region = eu-central-1
```

Which specifies both region and role. This works with aws cli and, surely, there is a common expectation that it should work here as well. Currently .aws/config seems to be ignored (related #18, cloudyr/aws.s3#168).

Would be great if,

  1. profiles were searched in .aws/config first for region and role
  2. Any roles be assumed automatically like in aws cli

jon-mago commented 4 years ago

This is absolutely something I would like to see working. Thank you for raising this ticket.

It's complicated by (as was noted over in cloudyr/aws.iam#13) a lot of the needed functionality being split over the two packages. I think to support this all of the credentials type code (parsing the config files, running down the list here, assuming a role as part of that) would be better living in one package, as otherwise they'd have circular dependencies anyway. It always seemed a little weird to me that aws.iam was both "make roles and users" and "assume roles", when the latter is another source of credentials. But ultimately, as long as which package a user needs to install is clearly communicated, I think that it doesn't matter which package this functionality ends up in.

davidski commented 3 years ago

A reference to how the paws package is handling the credential_process problem - https://github.com/paws-r/paws/commit/86de247d17ff5d020ba73e4f63da345ffc8acbe3, and an approach for source_profile as well - https://github.com/paws-r/paws/issues/253#issuecomment-698606017. Would be fantastic to get similar support in the cloudyr ecosystem!
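
The lookup requested in this issue, sketched in R as an added example; it is not code from aws.signature, aws.iam or paws. `parse_aws_config` and `resolve_profile` are hypothetical helpers, the `[default]` section of the sample is constructed, and the STS AssumeRole call itself is left out.

```r
# Constructed sample of ~/.aws/config: [profile power] is the entry quoted in
# the issue, the [default] section is an assumption added for the example.
config_text <- c(
  "[default]",
  "region = us-east-1",
  "",
  "[profile power]",
  "role_arn = arn:aws:iam::1234567891011:role/PowerUserRole",
  "source_profile = default",
  "region = eu-central-1"
)

# Hypothetical helper: parse INI-style lines into a named list of profiles.
parse_aws_config <- function(lines) {
  profiles <- list()
  current <- NULL
  for (line in trimws(lines)) {
    if (line == "" || grepl("^[#;]", line)) next
    if (grepl("^\\[.+\\]$", line)) {
      # The config file names sections "[default]" or "[profile NAME]"
      current <- sub("^profile[[:space:]]+", "", gsub("^\\[|\\]$", "", line))
      profiles[[current]] <- list()
    } else if (!is.null(current) && grepl("=", line, fixed = TRUE)) {
      # Split on the first "=" only, so values may themselves contain "="
      kv <- regmatches(line, regexpr("=", line, fixed = TRUE), invert = TRUE)[[1]]
      profiles[[current]][[trimws(kv[1])]] <- trimws(kv[2])
    }
  }
  profiles
}

# Hypothetical helper: follow source_profile links and list the roles to assume.
resolve_profile <- function(profiles, name) {
  region <- profiles[[name]][["region"]]  # region comes from the requested profile
  chain <- character()
  roles <- character()
  while (!is.null(name)) {
    if (name %in% chain) stop("source_profile loop at profile '", name, "'")
    p <- profiles[[name]]
    if (is.null(p)) stop("profile '", name, "' not found in config")
    chain <- c(chain, name)
    roles <- c(p[["role_arn"]], roles)    # assumed starting from the base credentials
    name <- p[["source_profile"]]
  }
  list(region = region, base_profile = chain[length(chain)], assume_roles = roles)
}

plan <- resolve_profile(parse_aws_config(config_text), "power")
str(plan)
```

The loop check matters because a `source_profile` that points back at an earlier profile would otherwise never terminate; failing with the profile name makes a misconfigured chain visible instead of silently falling back to other credentials.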