Adopt RoleArn For Cross-Account Lambda Information

[jamesrenaud]

Add the ability to get lambda function information from AWS accounts that are different from where Backstage is running, or where Backstage has been provided AWS credentials.

Support for getting cross-account credentials via an IAM role has been added to backstage-plugin-aws-auth via https://github.com/RoadieHQ/backstage-plugin-aws-auth/issues/41

Possible Implementation

1. Add an additional, optional, field for the lambda annotation aws.com/lambda-role-arn:
2. Support passing the role arn to the getCredentials() operation if it has been specified in the annotation

Context

In my specific implementation, Backstage is running in a particular AWS account, and it's container has a specific instance profile assigned to it. Our lambda functions that I'd like to show within the UI exist in different accounts, and are managed by the separate development teams that manage their microservices. Providing those teams the ability to load function details cross-account is critical to the use of the plugin.

This also acts as a demonstration vehicle for other plugins to adopt the new feature in backstage-plugin-aws-auth.

[jamesrenaud]

Please assign to me - I will submit a PR to implement this feature.

Thanks!

[Irma12]

@jamesrenaud Thank you for looking into this. We are excited to see it in action 🤩

[tszngai]

To add on this, can we link multiple lambdas to one backstage entities? And these lambdas might live in multiple different AWS accounts. Asking because our company has lambdas on over 50 AWS accounts and it would be nice to have backstage display them 🤔

[sohail-mp]

Is there an update on this issue? is anyone looking into this?

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[aberenshtein]

@Irma12 @jamesrenaud any news here?