Feature Request: AWS IAM Role Service Account #28
Labels
Comments
cosmo0920
added
enhancement
|
I'm not familiar with the new AWS IAM RolesCredentials. |
|
I think this was addressed in #24. |
|
Yep. This is already added in #24. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi @cosmo0920,
First thank you for your contribution by open-sourcing this project.
I wanted to let you know that AWS introduced a new feature called: IAM Roles for Service Accounts
The problem we're facing is similar to: grafana/grafana#21594
AWS SDK has this concept of CredentialProviderChain. We should use the default chain and prepend (if needed) custom providers based on the configuration provided by the user potentially using the factories provided by the sdk. The Chain will try the providers sequentially and return the FIRST working credential. Basically, we shouldn't have to instantiate the TokenFileWebIdentityCredentials. The SDK should automatically do this for us when using the default CredentialProviderChain.
Alternatively, we can do what has been done on grafana by checking if some env vars are set (it's a bit easier, but will require us to test if it works).
Note: We might have to update the aws-sdk.
I'm not a go developer so I can't do much but I hope this helps.
Thank you,
The text was updated successfully, but these errors were encountered: