Thank you so much for not only creating this package and all of your efforts that have enriched the Cloud Computing Universe. I have lambda functions that gather information about our AWS organization. We use assume_role to get access_keys and secret access keys with session tokens. I'm struggling to develop a method to implement the skew config requirements for this package into our lambda functions. Currently we access account lists from a rds repository (not all accounts are in the aws organization) and build role arns and role sessions in a lambda "manager" function. We then create an inline policy and attach it to the lambda worker execution function role before invoking (using an function alias arn for our dev, test, and prod stages) our lambda worker function that gathers the information we need. We would prefer not to use Lambda environment variables and any other methods that involve reading a profile from an external source for concerns about security and maintenance in the function's lifecycle. Is there any recommendation or can you point me in direction where someone has addressed this issue so that I can use the sts response of access keys, secret access keys instead of the skew config file. Thank you. jm
Thank you so much for not only creating this package and all of your efforts that have enriched the Cloud Computing Universe. I have lambda functions that gather information about our AWS organization. We use assume_role to get access_keys and secret access keys with session tokens. I'm struggling to develop a method to implement the skew config requirements for this package into our lambda functions. Currently we access account lists from a rds repository (not all accounts are in the aws organization) and build role arns and role sessions in a lambda "manager" function. We then create an inline policy and attach it to the lambda worker execution function role before invoking (using an function alias arn for our dev, test, and prod stages) our lambda worker function that gathers the information we need. We would prefer not to use Lambda environment variables and any other methods that involve reading a profile from an external source for concerns about security and maintenance in the function's lifecycle. Is there any recommendation or can you point me in direction where someone has addressed this issue so that I can use the sts response of access keys, secret access keys instead of the skew config file. Thank you. jm