Maybe a little more context. Originally we baked the credentials into the config files but this is obviously a bad practice. The idea is to use IAM Roles for authenticating AWS services instead of passing secrets around.
I also came across a similar issue here on the forum but from what it looks like the bad practice of hardcoding your credentials is the recommended way. But we would like to avoid that now.