feat: allow boto3 to use its native credential finding functionality

[mikejgray]

Description

Removes hardcoded AWS credential and region information, allowing boto3 to run through its order of credential precedence. This allows for more secure configurations of AWS credentials to be used, making wider adoption possible.

Fixes #1525

Type of change

Please delete options that are not relevant.

• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update

How Has This Been Tested?

I tried running tests locally but every one of them failed. There was also a missing test dependency I had to add (sqlalchemy) before I could even attempt to run them. I'm hoping there is something in CI that was missing locally, but I'm happy to run tests locally and add some in if I can get some guidance on how to get them to run.

• Unit Test
• Test Script (please provide)

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published in downstream modules
• I have checked my code and corrected any misspellings

Maintainer Checklist

• closes Allow boto3 to use its native credential finding functionality #1525 (Replace xxxx with the GitHub issue number)
• Made sure Checks passed

[CLAassistant]

All committers have signed the CLA.

[Dev-Khant]

Hey @mikejgray can you please resolve the conflicts so that we can test the PR?

[mikejgray]

Hi @Dev-Khant , the CI failures don't appear related to the changes in this PR. How would you like me to handle them?

[Dev-Khant]

Hey @mikejgray Those failing CI tests are from a separate issue, it's because poetry is not up to date with libraries mentioned.

Could you please add a test script for this and ensure that the approach works for all the different ways the user might pass the credentials?

[mikejgray]

Hey @mikejgray Those failing CI tests are from a separate issue, it's because poetry is not up to date with libraries mentioned.

Could you please add a test script for this and ensure that the approach works for all the different ways the user might pass the credentials?

I took a look at the proposed changes and there isn't anything in there to test besides what boto3 already provides in their test suite. The way I'm setting up the client is the same way they suggest in the documentation, which also explains the order of credential precedence: https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html#configuring-credentials

It would also be difficult to test this without having different kinds of credentials, which would need to become a permanent part of your repo secrets and validated in your pipelines to be secure.

If you'd like to provide an OIDC AWS role for this repository and an IAM User, with the secrets stored in the repository secrets, I can write an action workflow to do this. It doesn't seem necessary, however, given that boto3 tests this functionality upstream.