External DAMs / EXTDAM-125

Investigation. Automatic authentication with AWS


    • New Feature
    • Resolution: Fixed
    • Minor
    • None
    • None
    • s3

      Currently, to use our AWS S3 connector you have to enter static credentials into the Passwords Manager app.

      Expected:
      AWS has EC2 instance profiles to provide dynamic authentication. The system should be able to fall back to this, making both options available.

      In the following figure, a developer runs an application on an EC2 instance that requires access to the S3 bucket named photos. An administrator creates the Get-pics service role and attaches the role to the EC2 instance. The role includes a permissions policy that grants read-only access to the specified S3 bucket. It also includes a trust policy that allows the EC2 instance to assume the role and retrieve the temporary credentials. When the application runs on the instance, it can use the role's temporary credentials to access the photos bucket. The administrator doesn't have to grant the developer permission to access the photos bucket, and the developer never has to share or manage credentials.

       

       

      DEV Hints:

      It looks to be possible this way:

      info.magnolia.cloud.service.AmazonS3ServiceProvider#getProvidedOrEnvironmentCredentials
      private AWSCredentialsProvider getProvidedOrEnvironmentCredentials(String accessKey, String secretKey) {
          // No complete key pair configured: let the SDK's default chain resolve credentials
          // (it includes the EC2 instance profile).
          if (isAnyBlank(accessKey, secretKey)) {
              return new DefaultAWSCredentialsProviderChain();
          }
          return new AWSStaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretKey));
      }
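
      A stricter variant of the fallback in the hint above, as an added example (not code from the Magnolia project): it rejects a half-filled key pair instead of silently switching to the host's identity, and reports whether the resolved credentials are temporary. The class S3CredentialsSelector and its method names are hypothetical; it assumes AWS SDK for Java 1.x and commons-lang3 3.6 or later on the classpath.

```java
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.AWSSessionCredentials;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
import org.apache.commons.lang3.StringUtils;

/** Hypothetical helper for illustration, not part of the Magnolia code base. */
public final class S3CredentialsSelector {

    /**
     * Both keys set: static credentials. Both blank: the SDK default chain
     * (environment, system properties, profile file, container, EC2 instance profile).
     * Exactly one set: rejected, so a half-filled password entry cannot silently
     * switch the connector to whatever identity the host happens to carry.
     */
    public static AWSCredentialsProvider select(String accessKey, String secretKey) {
        if (StringUtils.isAllBlank(accessKey, secretKey)) {
            return DefaultAWSCredentialsProviderChain.getInstance();
        }
        if (StringUtils.isAnyBlank(accessKey, secretKey)) {
            throw new IllegalArgumentException(
                    "S3 access key and secret key must both be set or both be empty");
        }
        return new AWSStaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretKey));
    }

    /** Describes the resolved credentials for logging without exposing the secret key. */
    public static String describe(AWSCredentialsProvider provider) {
        AWSCredentials credentials = provider.getCredentials(); // throws if the chain finds none
        String kind = credentials instanceof AWSSessionCredentials ? "temporary" : "long-lived";
        return kind + " credentials, key id ending " + StringUtils.right(credentials.getAWSAccessKeyId(), 4);
    }

    public static void main(String[] args) {
        // Constructed sample values, not real keys.
        System.out.println(describe(select("AKIAEXAMPLEEXAMPLE00", "constructed-secret")));
        try {
            select("AKIAEXAMPLEEXAMPLE00", " ");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

      On an EC2 instance with a role attached, calling describe(select(null, null)) resolves through the instance profile and reports temporary credentials.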

        Acceptance criteria

              Unassigned Unassigned
              rgange Richard Gange