-
Type: Task
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: None
-
Labels:None
-
Fully Compatible
-
Security 2019-01-13, Security 2019-01-27
AWS Lambda functions can provide temporary credentials for a user if the function is is assigned an execution role. These are passed via environment variables AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_SESSION_TOKEN.
The client authentication should check these environment variables if there is not an explicit user name and password provided before check the local instance metadata services.
References
https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime
https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html#environment-variables