Bazel-remote doesn't support Security Token Service (STS) authentication for S3

[JSGette]

So I created an S3 bucket in AWS and all required policies. Bazel-remote is working when used within EC2 Instance with attached policy. But if I am trying to run bazel-remote locally with credentials configured in ~/.aws/credentials I am getting 408 Request Timeout even if I use aws sts --profile PROFILE_NAME get-caller-identity. I also tried to set a profile via environment variable (export AWS_PROFILE=PROFILE_NAME), it didn't have any effect.

[mostynb]

Hi, bazel-remote doesn't use ~/.aws/ configuration files - you would need to create a bazel remote config file and specify the account details there. There's a commented example in the readme file.

[JSGette]

The thing is I can't pass access_key_id and secret_access_key, it's just not enough, I need to use STS instead of IAM in order to work with S3 bucket since we're using federated accounts.

[mambon2]

@justfalter @mostynb I was reading this quote from aws aws/aws-cli#4982 (comment)
In it they state the following:

As of now, all AWS SDKs except C++ support the credentials from SSO login.

Is this true for this goapp? If so, which authentication method should we use to leverage sso login (instead of credentials file)

[mostynb]

I think there are details on how to do this over here: #493 (comment)