Currently arc is only capable to use the fixed credentials from config, making it incompatible with IAM roles. Overriding the config values at runtime (Application.put_env) is not an option, since the 'root account' credentials must be preserved.
Am I seeing this correctly? I think maybe passing in a config S3 option or defining/calling a config function in Arc.Definition could fix this. Thoughts?
For role based access, ExAws needs to work with dynamic KEYs and SECRETs on a per request basis.
See https://github.com/ex-aws/ex_aws/wiki/IAM:-AWS-Role-Based-Access-for-users-with-MFA-(MultiFactorAuthentication) for details.
Currently arc is only capable to use the fixed credentials from config, making it incompatible with IAM roles. Overriding the config values at runtime (
Application.put_env
) is not an option, since the 'root account' credentials must be preserved.Am I seeing this correctly? I think maybe passing in a
config
S3 option or defining/calling a config function inArc.Definition
could fix this. Thoughts?