Per request config

[beno]

For role based access, ExAws needs to work with dynamic KEYs and SECRETs on a per request basis.

See https://github.com/ex-aws/ex_aws/wiki/IAM:-AWS-Role-Based-Access-for-users-with-MFA-(MultiFactorAuthentication) for details.

Currently arc is only capable to use the fixed credentials from config, making it incompatible with IAM roles. Overriding the config values at runtime (Application.put_env) is not an option, since the 'root account' credentials must be preserved.

Am I seeing this correctly? I think maybe passing in a config S3 option or defining/calling a config function in Arc.Definition could fix this. Thoughts?

[eprothro]

I'm not sure I understand the motivation for dynamic keys and secrets per-request.

However I agree that I'd like to be able to define an IAM role with ex_aws config and this role be assumed and used by arc