I have a unique case where in the code I need to assume another IAM role that is different from the default role on an EC2 instance, load a google cloud external credentials file and then retrieve an access token from google cloud. I can do this currently via the AWS SDK and google cloud SDK but have noticed an annoying issue where it is still using the role associated with the EC2 instance to request the token from google cloud.
I noticed this was due to the fact that in the google cloud SDK it explicitly checks the Environment variables for the region and AWS keys being available:
System.getEnv(env).
If it doesn't it contacts a metadata server (which I don't want) using the default ec2 role. How can I set these AWS keys on the fly in the code as I can't do this before the java app runs? Is there a class I am missing or am I going to have to code the oauth2 logic from scratch?
Resources: github with relevant readme: https://github.com/googleapis/google-auth-library-java