aws-iam-ldap-bridge
Support for new AWS CLI profile
The latest AWS CLI supports using EC2 instance metadata as the credential source together with a role, in the following fashion:

    [profile crossaccount]
    role_arn=arn:aws:iam:...
    credential_source=Ec2InstanceMetadata

This profile could even be the default. The current implementation does not support this enhanced configuration, but uses the default AWS instance credentials even if the default profile is configured to use one.

Using the CLI with the apacheds user from a shell works ok, but the apacheds error message reveals that it is using the default instance profile and not the assumed role:

    [18:09:26] ERROR [com.denismo.aws.iam.LDAPIAMPoller] - Exception polling com.amazonaws.AmazonServiceException: User: arn:aws:sts::xxxxxxxxxxx:assumed-role/EC2/i-0aaa93ab6076d35ce is not authorized to perform: iam:ListGroups on resource: arn:aws:iam::yyyyyyyyyyyy:group/ (Service: AmazonIdentityManagement; Status Code: 403; Error Code: AccessDenied; Request ID: c708e7cd-d6ee-11e8-bd77-49651db80edb)

Using it from a shell with the CLI and only the default profile:

    apacheds@ip-10-0-1-210:~$ aws iam list-users
    {
        "Users": [
            {
                "UserName": "[email protected]",
                "PasswordLastUsed": "2018-10-17T06:48:44Z",
                "CreateDate": "2018-01-09T09:11:15Z",
                "UserId": "TBD",
                "Path": "/",
                "Arn": "arn:aws:iam::yyyyyyyyyyyy:user/[email protected]"
            },
            ...
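The following is an added example, not code from aws-iam-ldap-bridge. It shows in the AWS SDK for Java v1 (the `com.amazonaws.AmazonServiceException` in the log above is from that SDK) what the `credential_source=Ec2InstanceMetadata` profile does for the CLI: take the instance role from the metadata service, call STS AssumeRole with it, and use the resulting temporary credentials for the IAM calls in the other account. It also adds the check the error message suggests: before polling, confirm via GetCallerIdentity that the principal is the assumed role and not `arn:aws:sts::<instance-account>:assumed-role/EC2/i-...`. The class name, role ARN, session name, region and session duration are placeholders assumed for illustration; whether a particular SDK version reads `credential_source` from `~/.aws/config` by itself is not established here, and the explicit construction below does not depend on it.

```java
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.InstanceProfileCredentialsProvider;
import com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider;
import com.amazonaws.services.identitymanagement.AmazonIdentityManagement;
import com.amazonaws.services.identitymanagement.AmazonIdentityManagementClientBuilder;
import com.amazonaws.services.identitymanagement.model.Group;
import com.amazonaws.services.identitymanagement.model.ListGroupsRequest;
import com.amazonaws.services.identitymanagement.model.ListGroupsResult;
import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder;
import com.amazonaws.services.securitytoken.model.GetCallerIdentityRequest;

import java.util.ArrayList;
import java.util.List;

/**
 * Added example (not aws-iam-ldap-bridge code): the Java equivalent of
 *
 *     [profile crossaccount]
 *     role_arn=arn:aws:iam::<target-account>:role/<role>
 *     credential_source=Ec2InstanceMetadata
 *
 * Instance-profile credentials from the metadata service are used only to call
 * STS AssumeRole; the IAM client is built from the assumed-role credentials.
 */
public class CrossAccountIamPoller {

    // ASSUMED placeholders: in the bridge these would come from its configuration.
    static final String ROLE_ARN = "arn:aws:iam::111111111111:role/IamLdapBridgeReader";
    static final String SESSION_NAME = "aws-iam-ldap-bridge";
    // IAM and STS are global services; the region only selects the endpoint.
    static final String REGION = "us-east-1";

    /** Source credentials: the instance role, what the CLI calls Ec2InstanceMetadata. */
    static AWSCredentialsProvider instanceCredentials() {
        return InstanceProfileCredentialsProvider.getInstance();
    }

    /** Target credentials: AssumeRole performed with the instance credentials, auto-refreshed. */
    static AWSCredentialsProvider assumedRoleCredentials(String roleArn, String sessionName) {
        AWSSecurityTokenService sts = AWSSecurityTokenServiceClientBuilder.standard()
                .withCredentials(instanceCredentials())
                .withRegion(REGION)
                .build();
        return new STSAssumeRoleSessionCredentialsProvider.Builder(roleArn, sessionName)
                .withStsClient(sts)
                .withRoleSessionDurationSeconds(3600)   // assumed value; must not exceed the role's max
                .build();
    }

    /**
     * Fail fast if the caller is not the assumed role. For role
     * "arn:aws:iam::ACCT:role/NAME" the caller ARN must start with
     * "arn:aws:sts::ACCT:assumed-role/NAME/", never with the instance role's ARN.
     */
    static String verifyPrincipal(AWSCredentialsProvider creds, String roleArn) {
        AWSSecurityTokenService sts = AWSSecurityTokenServiceClientBuilder.standard()
                .withCredentials(creds).withRegion(REGION).build();
        String arn = sts.getCallerIdentity(new GetCallerIdentityRequest()).getArn();
        String account = roleArn.split(":")[4];
        String roleName = roleArn.substring(roleArn.lastIndexOf('/') + 1);
        String expectedPrefix = "arn:aws:sts::" + account + ":assumed-role/" + roleName + "/";
        if (!arn.startsWith(expectedPrefix)) {
            throw new IllegalStateException("Polling as unexpected principal " + arn
                    + "; expected " + expectedPrefix + "<session>");
        }
        return arn;
    }

    /** The call that was denied in the issue (iam:ListGroups), paginated, with the assumed-role credentials. */
    static List<Group> listAllGroups(AmazonIdentityManagement iam) {
        List<Group> groups = new ArrayList<>();
        ListGroupsRequest req = new ListGroupsRequest();
        ListGroupsResult res;
        do {
            res = iam.listGroups(req);
            groups.addAll(res.getGroups());
            req.setMarker(res.getMarker());
        } while (Boolean.TRUE.equals(res.isTruncated()));
        return groups;
    }

    public static void main(String[] args) {
        AWSCredentialsProvider creds = assumedRoleCredentials(ROLE_ARN, SESSION_NAME);
        System.out.println("Polling as " + verifyPrincipal(creds, ROLE_ARN));
        AmazonIdentityManagement iam = AmazonIdentityManagementClientBuilder.standard()
                .withCredentials(creds).withRegion(REGION).build();
        for (Group g : listAllGroups(iam)) {
            System.out.println(g.getGroupName() + "  " + g.getArn());
        }
    }
}
```

For this to succeed, the role in the target account needs a trust policy that allows the instance role (the `arn:aws:sts::...:assumed-role/EC2/...` principal from the log, i.e. the `EC2` role in the instance's account) to call `sts:AssumeRole`, and a permission policy granting `iam:ListGroups` and the other `iam:List*` / `iam:Get*` actions the poller makes. Running with the wrong principal produces exactly the AccessDenied in the issue; `verifyPrincipal` turns that into a clear startup failure instead of a 403 on every poll.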