Can temporal have support to enable AWS request signing? The default credential chain should work for most scenarios I would expect. We forked cadence to add it to ours so we can use AWS RBACL to secure our ES cluster.
I will absolutely make sure this is communicated internally as it’s a very reasonable request.
Just FYI @ryland I think this is a duplicate of this feature request here: Add support for AWS elasticsearch request signing