Other: Allow to authenticate AWS S3 storage using dynamic credentials instead of static access keys #783
Description
What do you want to share with us?
Limitation
In order to configure AWS S3 storage in RSTUF worker static pair of values for AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY is required. Relevant fragment of code can be found here.
This approach is quite constraining as it does not support multiple ways of specifying the credentials that is supported by the boto3 Python library. The most notable missing opportunity is support for IAM roles for machines running in AWS.
Proposal
Do not require providing static credentials for RSTUF Worker and allow boto3 library to figure out the best way for authentication. Change should be backward compatible so explicitly provided credentials (for example in RSTUF_AWS_ACCESS_KEY_ID and RSTUF_AWS_SECRET_ACCESS_KEY environment variables) are still supported and have a precedence before relying on dynamic configuration.
References
No response
Code of Conduct
- I agree to follow this project's Code of Conduct