Currently GLR config to stream logs to AWS services such as Cloudwatch and S3 requires user to provide AWS credentials in the form of an API key. Customer does not see handing out API keys to third party as secure practice.

Ask is to support authentation to AWS S3/Cloudwatch via AssumeRole, similar to the ability of deploying AWS VPC Site via AssumeRole https://docs.cloud.f5.com/docs/reference/cloud-cred-ref/aws-vpc-cred-ref#f5-distributed-cloud-assume-role