Description
[Migrated]
The upgrade to Boto3 is part of an ongoing initiative of having a single instance which coordinates deployments - with support for automatic deployments in pre-production environments.
Boto3 has built-in support for the default AWS Credentials Providers stack.
We need to set the cross-account trusting policies for our accounts, being then able to specify automatic role assumption in a cross-account context via ~/.aws/config.
It might now work out of the box, as it doesn't for aws-cli (see: aws/aws-cli#1604 and aws/aws-cli#1390).
In that case, we would need to do programatic role assumption - I was not been able to fully test this yet (permissions).
Note
This change is intended to be backward-compatible with the current setup - in other words, temporary/static credentials should work as before.
Activity