Token Rotation support for Credentials

[klopfdreh]

Type: Feature

Is your feature request related to a problem? Please describe.
As of now it is only possible to assign credentials once at the start of an application. It would be great if the credentials are lazy fetched each time they are accessed.

For example spring.cloud.aws.s3.credentials.accessKey and spring.cloud.aws.s3.credentials.secretKey are configured once. If they are assigned via environment variables they could be configured with a ConfigMap in Kubernetes environments. When a token rotation is configured those environment variables may change within the infrastructure.

If the credentials in this example changed - the S3Clients created by spring need to be recreated with the new credentials.

Describe the solution you'd like
Lazy load the credential properties each time they are accessed.

Describe alternatives you've considered
N/A

Additional context
N/A

[MatejNedic]

Hey @klopfdreh , this would mean we have to recreate the CredentialsProvider bean and all of the clients every time. Any reason not to use STS and have this solved that way?

Please check: #691

[klopfdreh]

I am going to check it. Thanks!

[maciejwalkowiak]

I'll close it for now as it seems that STS is exactly what @klopfdreh you're looking for. If there's anything more to add here, feel free to comment and we are happy to reopen.