aws_sdk_sts::assume_role() is hard to use

[ajewellamz]

trafficstars

Describe the feature

aws_sdk_sts::assume_role() is hard to use, because the Credentials returned by assume_role (aws_sdk_sts::types::Credentials) do not implement the trait ProvideCredentials; for that, you need something like aws_sdk_sts::config::Credentials.

Use Case

I expect to be able to call assume_role() and use the result to create and sdk client

Proposed Solution

Ideally, you would provide some way to very simply use the output of assume_role to create clients of the other aws sdks.

At a minimum, you would provide, in the documentation of assume_role, the code needed to make that happen, which is something like

let types_cred = creds.credentials.unwrap();
let config_creds = aws_sdk_sts::config::Credentials::new(
   types_cred.access_key_id(),
   types_cred.secret_access_key(),
   Some(types_cred.session_token().to_string()),
   Some(std::time::SystemTime::UNIX_EPOCH + std::time::Duration::from_secs(types_cred.expiration().secs() as u64)),
   "SomeProvider"
);

let cred_prov = aws_sdk_kms::config::SharedCredentialsProvider::new(config_creds);
let kms_config = aws_sdk_kms::config::Builder::from(&sdk_config)
            .credentials_provider(cred_prov)

Other Information

No response

Acknowledgements

• [ ] I may be able to implement this feature request
• [ ] This feature might incur a breaking change

A note for the community

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue, please leave a comment