As for now we are using a IAM user to make deployments into AWS accounts. This user privileges are managed in foundation-internal-base project. The problem with this approach is that the mentioned project needs to be manually deployed, and on top of that is not that good practice to use a IAM user for that. 

Thanks to Rubén from SRE Team we have now the AWS accounts enrolled in their AWS Control Tower setup, which means we can benefit from "good practices". Thus, we can start using the sre-platform platform role and other Jenkins SRE available functionality.

To migrate the pipelines the following actions should be done:

1. Add the withAWS line to the pipeline
2. Run terraform init command with the param: backend-config='role_arn=arn:aws:iam::<foundation_account_id>:role/sre-platform
3. Modify the terraform provider 

The pipelines to modify are:

• foundation-internal-base project
• mgnl-renovate-bot
• magnolia-mgmt

After thar the jennkins user (arn:aws:iam::347299396223:user/jenkins.sre.magnolia-cloud.com) should be removed from the two AWS accounts: magnolia-core-expeimental and magnolia-core-production.