Description
This library uses STS in a few places to call GetCallerIdentity as a way of validating credentials. STS is otherwise not used. It'd better to replace these calls because 1) they require allowlisting another endpoint on restricted networks and 2) we can call more relevant APIs (e.g. S3 or Deadline endpoints) to validate permissions instead.
Solution
Replace STS checks with other calls
Description
This library uses STS in a few places to call
GetCallerIdentityas a way of validating credentials. STS is otherwise not used. It'd better to replace these calls because 1) they require allowlisting another endpoint on restricted networks and 2) we can call more relevant APIs (e.g. S3 or Deadline endpoints) to validate permissions instead.Solution
Replace STS checks with other calls