Describe why this change is needed
I'm trying to test the AWSPCA issuers and to do that I'm working on my local development laptop (the Docker Desktop k8s cluster). I was going to try using my AWS credentials to do this (since I can't apply an AWS role to resources in my own k8s cluster) but I realized that AWSPCA does not seem to support it when the AWS credentials are temporary (that is, have `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY` and `AWS_SESSION_TOKEN`).
Describe solutions and alternatives considered (optional)
It would be good if the secret referenced by the `AWSPCAIssuer` and `AWSPCAClusterIssuer` resources could include temporary AWS credentials with not only `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` but also `AWS_SESSION_TOKEN`.
I see here that the credentials seem to be created manually and `AWS_SESSION_TOKEN` is not being accounted for there. From https://aws.github.io/aws-sdk-go-v2/docs/configuring-sdk/#specifying-credentials I see that it is supported so I would imagine this is simply a matter of checking for the existence of this env variable and including it if it exists.
Is there anything else you would like to add?
No response
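A sketch of the check this issue asks for, as an added example that is not the issuer project's code: it reads the three keys from a Secret's data map, treats the session token as optional, and rejects an STS-issued key that arrives without its token. `StaticCreds` and `CredsFromSecret` are hypothetical names, and the Secret being keyed by the environment variable names is an assumption; only the standard library is used.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// StaticCreds is a hypothetical holder. Its fields line up with the three
// arguments of credentials.NewStaticCredentialsProvider in aws-sdk-go-v2.
type StaticCreds struct {
	AccessKeyID, SecretAccessKey, SessionToken string
}

// CredsFromSecret (hypothetical helper) reads a Kubernetes Secret's data map.
// Assumption: the Secret is keyed by the environment variable names.
func CredsFromSecret(data map[string][]byte) (StaticCreds, error) {
	// Secrets created from files often carry a trailing newline; trim it.
	get := func(k string) string { return strings.TrimSpace(string(data[k])) }
	c := StaticCreds{
		AccessKeyID:     get("AWS_ACCESS_KEY_ID"),
		SecretAccessKey: get("AWS_SECRET_ACCESS_KEY"),
		SessionToken:    get("AWS_SESSION_TOKEN"), // optional, empty for long-term keys
	}
	if c.AccessKeyID == "" || c.SecretAccessKey == "" {
		return StaticCreds{}, errors.New("secret needs AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY")
	}
	// STS-issued temporary keys start with "ASIA" and are rejected by AWS
	// without their session token, so fail here with a clear message.
	if strings.HasPrefix(c.AccessKeyID, "ASIA") && c.SessionToken == "" {
		return StaticCreds{}, errors.New("temporary key (ASIA...) requires AWS_SESSION_TOKEN")
	}
	return c, nil
}

func main() {
	// Constructed sample values, not real credentials.
	temp := map[string][]byte{
		"AWS_ACCESS_KEY_ID":     []byte("ASIAEXAMPLEEXAMPLE00\n"),
		"AWS_SECRET_ACCESS_KEY": []byte("constructed-secret"),
	}
	_, err := CredsFromSecret(temp)
	fmt.Println("without token:", err)
	temp["AWS_SESSION_TOKEN"] = []byte("constructed-token\n")
	c, err := CredsFromSecret(temp)
	fmt.Println("with token:", err, "token set:", c.SessionToken != "")
}
```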