Allow assume role

[lewgordon]

May duplicate #116 . Many times we'll need to assume a role as specifying a user's credentials doesn't work in most of our cases since we'll require a security token.

[anthonygreen]

This is a feature requirement for our setup where Jenkins is running on a EC2 instance and the plugin needs to be able to upload to a bucket in another account via AWS's assume role capability.
We previously used #116 but the master branch has since diverged considerably from that point.

[anthonygreen]

#116 also adds the capability to assign a canned ACL for uploaded objects, useful when using S3 to host static web assets.

[anthonygreen]

I've build the patched fork and installed that version of the plugin on a test Jenkins instance.
two things:

1. Use IAM role check box doesn't appear to be saving state.
2. There needs to be instructions on how to set up, as I haven't been able to get it to work correctly

[lewgordon]

@anthonygreen Yeah, I definitely think I need more docs on this. Currently we use it internally on our Jenkins so I haven't given much thought to it. If you want to just have the profile assume the role, you need to specify the role under "Assume IAM Role" and NOT check the "Use IAM Role" box. When clicking away you should see some validation if the master is able to assume the IAM role. If that doesn't work there's probably some bug somewhere in my fork that I need to fix. :)

[anthonygreen]

Seems the bug with the IAM role was accidentally introduced with ee92830 and requires #128 to fix

[anthonygreen]

Is there any prospect of these changes being updated so they can be easily merged into a fork of the current head of jenkinsci:master ?

[rsandell]

Sorry, I didn't check for existing open PRs when I did #138 I believe this could be made less complex when applied on top of that.

[jglick]

Offhand I would expect this sort of thing to be handled by the aws-credentials plugin instead?