Allow other authentication other than AWS Secret/Key

[dmarkey]

Describe the feature
It would be nice to use IAM Roles and Web Identities when deploying the controller (especially useful when on EKS) instead of hardcoding keys.

What would the new user story look like?
How would the new interaction with Credstash Operator look like? E.g.

1. What are the prerequisites for this? On an AWS environment
2. User starts up Credstash Operator using the --use-iam-role or --use-web-identity
3. User submits CredstashSecret object with extra parameter new-feature
4. New Secret created using the new feature

[alexouzounis]

Thanks @dmarkey for the suggestion.

From your comment I presume you are proposing this to be part of the operator and not per CRD correct ?

Also, when you refer to web identity you mean the eks service account and iam role binding ?

[alexouzounis]

hi @dmarkey - is this still relevant ?