The current implementation of the available AWS Forge components from the OutSystems Platform Team only supports IAM user account credentials (Access Key and Secret Access Key) aka Basic AWS Credentials.

With a growing consumption of AWS Services in OutSystems applications this can lead to either having to maintain (rotating keys asf) multiple IAM User account credentials or to an overpowered (in regard to permissions) single IAM user account. 

The AWS Forge Components developed and supported by OutSystems should support Temporary Credentials (Session Credentials) besides the now available Basic AWS Credentials. This will allow to use assumed role credentials. Using roles instead of dedicated IAM user account credentials is also recommended by AWS as best practice.

The changes are very minimal as this would only mean adding an additional Property to the extension SessionToken and dependant on if it is set or not either use BasicAWSCredentials oder SessionAWSCredentials. Here is a snippet from our own custom integrations

internal static AWSCredentials GetCredentials(string acccessKey, string secretKey, string sessionToken = "")

        {

            if (string.IsNullOrEmpty(sessionToken))

                return new BasicAWSCredentials(acccessKey, secretKey);

            else

                return new SessionAWSCredentials(acccessKey, secretKey, sessionToken);

        }

Thank you,

Stefan