Aws s3 plugin connect with IAM ROLE AWS

Hello everyone,

In my organization, we are prohibited from using programmatic keys,
that is to say

accessKeyId: env("AWS_ACCESS_KEY_ID"),
secretAccessKey: env("AWS_ACCESS_SECRET"),

printed in the code, so I would like to know if anyone knows how I can connect with the @strapi/provider-upload-aws-s3 plugin
so that it uses an IAM role, or if someone has experience that can guide me on this part.

I’ll stay tuned, thank you.


@Boegie19 @Paul_Brats

I think this is more a question for @DMehaffy

Hello there !

If you are hosting on EC2, you can directly use instance-profile permissions to access S3.
You only need to remove AccessKey and SecretKey IDs from the provider configuration block; it should then inherit the permissions from the role attached to the EC2.

I hope it helped :slight_smile:

Thanks, that would work, but with an extra addition for anyone else out there: you have to assign an IAM role to your EC2 instance, and I quote:

However, instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it

In your EC2 instance:
Actions > Security > Modify IAM role, and then here you will get to assign an IAM role. You can create whatever new role, but make sure to choose trusted entity type: AWS service, and Use case: EC2. For permission policies, you can choose what you want this role to allow for your app.
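
Added example, not part of the thread and not Strapi's own code: the provider block with the static keys removed, next to a constructed "before" version, plus a small check that flags `accessKeyId` / `secretAccessKey` anywhere in a config object (usable as a CI guard). The env var names `AWS_REGION` and `AWS_BUCKET`, and the helper names `pluginsConfig`, `legacyConfig`, `findStaticCredentials` and `fakeEnv`, are assumptions for illustration.

```javascript
// Sketch of what config/plugins.js would export in a Strapi project.
// Env var names AWS_REGION and AWS_BUCKET are assumptions.
const pluginsConfig = ({ env }) => ({
  upload: {
    config: {
      provider: "aws-s3",
      providerOptions: {
        // No accessKeyId / secretAccessKey here: the AWS SDK then uses its
        // default credential chain, which on EC2 reaches the instance role.
        region: env("AWS_REGION"),
        params: { Bucket: env("AWS_BUCKET") },
      },
    },
  },
});

// Constructed "before" config with the static keys the thread wants gone.
const legacyConfig = ({ env }) => ({
  upload: {
    config: {
      provider: "aws-s3",
      providerOptions: {
        accessKeyId: env("AWS_ACCESS_KEY_ID"),
        secretAccessKey: env("AWS_ACCESS_SECRET"),
        region: env("AWS_REGION"),
        params: { Bucket: env("AWS_BUCKET") },
      },
    },
  },
});

const STATIC_KEYS = new Set(["accessKeyId", "secretAccessKey"]);

// Return the dotted path of every static-credential key at any depth,
// so nested layouts are caught as well as top-level ones.
function findStaticCredentials(node, path = "") {
  if (node === null || typeof node !== "object") return [];
  return Object.entries(node).flatMap(([key, value]) => {
    const here = path ? `${path}.${key}` : key;
    const hit = STATIC_KEYS.has(key) ? [here] : [];
    return hit.concat(findStaticCredentials(value, here));
  });
}

// Constructed stand-in for Strapi's env() helper.
const fakeEnv = (vars) => (name, fallback) => vars[name] ?? fallback;
```

The check flags a key even when its environment variable is unset, since the goal stated in the thread is that the keys do not appear in the code at all.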