read_creds() search order should be environment first

[bfmike]

Hi,

I'm using Scout2 from an AWS instance to scan both the local AWS account and other AWS accounts through the STS assumeRole API call. When setting the environment variables to access a remote AWS account it is still scanning the local account because of the search order in the read_creds() function in utils.py.

The current search order is: csv_file, instance_metadata and then environment variables. A more logical search order would be: csv_file, environment variables, instance_metadata.

Mike

[l01cd3v]

This should be fixed in v1.0.0

[l01cd3v]

Note that the API of read_creds() has changed with this version. It's not backward compatible but offers nice features such as automatic assume role or renew STS sessions when token has expired.