Is there a way to use EC2 IAM Roles with R53 DNS plugin?

[poenn]

When running AWS API commands from an EC2 instance you can use IAM Roles for the EC2 instance to avoid managing credentials - temporary access keys are issued to the instance via STS and will be passed to applications automatically.
Is there a way to get the R53 DNS Plugin to use this instead of passing in a role name or access key?
The underlying PowerShell commands (Get-R53HostedZoneList, etc.) will work in this type of environment without specifying any credentials, but it looks like currently setting a profile name or access key is mandatory.

[rmbolger]

I didn’t even realize this was an option. But in retrospect, of course it is. The Azure plugin has an option for something very similar. And I’d guess I would implement this in the same fashion. Rather than making the existing credential parameters optional, there’d be a switch parameter you can use to basically say, “Use embedded auth.”

I can probably even make it work without the AwsPowershell module dependency eventually.

So yeah, thanks for the request! I can totally make this work.

[rmbolger]

There we go! You can now just specify R53UseIAMRole=$true in your plugin parameters to have it use the role associated with your instance. It even works without the AwsPowershell module being installed.

There are a couple additional things I'm trying to get into the next release. But until then, you can either grab the dev/master copy or just grab the updated plugin file.