Noticed this block here restricts usage to only consume an AWS Access Key and Secret Key: https://github.com/coder/aibridge/blob/main/intercept/messages/base.go#L176-L194 .
Many folks don't leverage AWS IAM users for access to resources, but depend on temporary credential access via AWS IAM Roles. Some folks also completely block IAM User creation. Claude Code also allows using temporary creds to interact with AWS Bedrock
AI Bridge should support being able to consume an IAM role and generate temporary tokens: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html.
Otherwise, it should be able to consume existing environment variables such as:
- AWS_WEB_IDENTITY_TOKEN_FILE
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- AWS_SESSION_TOKEN
- AWS_PROFILE
Or configuration/credential files like ~/.aws/credentials.
Noticed this block here restricts usage to only consume an AWS Access Key and Secret Key: https://github.com/coder/aibridge/blob/main/intercept/messages/base.go#L176-L194 .
Many folks don't leverage AWS IAM users for access to resources, but depend on temporary credential access via AWS IAM Roles. Some folks also completely block IAM User creation. Claude Code also allows using temporary creds to interact with AWS Bedrock
AI Bridge should support being able to consume an IAM role and generate temporary tokens: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html.
Otherwise, it should be able to consume existing environment variables such as:
Or configuration/credential files like
~/.aws/credentials.