amazon-web-services aws-java-sdk aws-credentials

AWS Java SDK - Can I programmatically access other services using the AWS SDK running inside the same AWS account without hard-coding credentials?


I have Java code running in a Fargate cluster, and I need to access other AWS services from within the Java code using the AWS SDK. Right now I have hard-coded access/secret/token inside a Java class and it is working fine.

    BasicSessionCredentials sessionCredentials = new BasicSessionCredentials(accessKey, secretAccessKey, token);

Since I am running the Java code from within the same AWS account, is there a better way so that I don't have to hard-code credentials?


Solution

  • I got it working by using DefaultAWSCredentialsProviderChain.java while building the target service client. Along with that, I added permissions for the target service to the role attached to the calling service. For example, if code running inside ECS tasks needs to call the SSM service, add permissions to the role attached to the ECS tasks to perform actions on SSM and, in the code, instead of hard-coding credentials, use the code below:

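    // Credentials are resolved at runtime by the default provider chain (on ECS: the task role).
    AWSSimpleSystemsManagement awsSimpleSystemsManagement = AWSSimpleSystemsManagementClient.builder()
                    .withCredentials(new DefaultAWSCredentialsProviderChain())
                    .build();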
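
An expanded version of the approach in the answer, as an added example that is not the answerer's code: it builds the SSM client with the default chain (AWS SDK for Java 1.x) and checks at startup that the chain resolved the ECS task role rather than long-lived keys left in the environment. The parameter name is hypothetical, the region is assumed to come from the default region chain, and the task role is assumed to allow `ssm:GetParameter` on that parameter.

```java
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.AWSSessionCredentials;
import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder;
import com.amazonaws.services.securitytoken.model.GetCallerIdentityRequest;
import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagement;
import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagementClientBuilder;
import com.amazonaws.services.simplesystemsmanagement.model.GetParameterRequest;

public class TaskRoleSsmExample {
    // Hypothetical parameter name, used only for this example.
    private static final String PARAM_NAME = "/example/app/db-password";

    public static void main(String[] args) {
        // ECS injects this variable when the task definition has a task role.
        if (System.getenv("AWS_CONTAINER_CREDENTIALS_RELATIVE_URI") == null) {
            throw new IllegalStateException("No task role credentials endpoint; attach a task role");
        }
        AWSCredentialsProvider provider = DefaultAWSCredentialsProviderChain.getInstance();

        // The chain tries environment variables, system properties and profile files
        // before the container endpoint, so stray static keys would win silently.
        AWSCredentials creds = provider.getCredentials();
        if (!(creds instanceof AWSSessionCredentials)) {
            throw new IllegalStateException("Resolved long-lived keys, not temporary role credentials");
        }

        // Confirm the caller is an assumed role (the task role), not an IAM user.
        AWSSecurityTokenService sts = AWSSecurityTokenServiceClientBuilder.standard()
                .withCredentials(provider).build();
        String arn = sts.getCallerIdentity(new GetCallerIdentityRequest()).getArn();
        if (!arn.contains(":assumed-role/")) {
            throw new IllegalStateException("Unexpected caller identity: " + arn);
        }
        System.out.println("Running as " + arn);

        // Same client construction as in the answer, with the missing build() call.
        AWSSimpleSystemsManagement ssm = AWSSimpleSystemsManagementClientBuilder.standard()
                .withCredentials(provider).build();
        String value = ssm.getParameter(
                new GetParameterRequest().withName(PARAM_NAME).withWithDecryption(true))
                .getParameter().getValue();
        System.out.println("Fetched parameter, length=" + value.length()); // never log the value
    }
}
```

It needs the `aws-java-sdk-ssm` and `aws-java-sdk-sts` modules on the classpath.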