Since Openblocks already provides an official AWS Marketplace image, it would be good to leverage Amazon EC2 capabilities of using IAM Roles instead of long-lived credentials.
At the moment, data sources like DynamoDB, S3, Athena, Lambda (and potentially Redshift) require long-lived credentials using AWS Access Key ID and Secret Access Key. There is EC2 metadata service is available from docker images that are powering Openblocks. The containers could access the service to obtain temporary credentials to connect to the AWS resources instead of using long-lived credentials.
Temporary credentials would improve security and convenience for users using the Openblocks AWS Marketplace image.
Since Openblocks already provides an official AWS Marketplace image, it would be good to leverage Amazon EC2 capabilities of using IAM Roles instead of long-lived credentials.
At the moment, data sources like DynamoDB, S3, Athena, Lambda (and potentially Redshift) require long-lived credentials using AWS Access Key ID and Secret Access Key. There is EC2 metadata service is available from docker images that are powering Openblocks. The containers could access the service to obtain temporary credentials to connect to the AWS resources instead of using long-lived credentials.
Temporary credentials would improve security and convenience for users using the Openblocks AWS Marketplace image.