Support switching/assuming other IAM roles

[RyanW8]

Is your feature request related to a problem? Please describe.
We use EKS Pod identities to provide pods running in EKS with credentials to connect to AWS, in cases where we want to auth with another AWS account using this role we provision a role in the target account and allow the source role to assume into that role, which is a standard AWS pattern. We'd like to use the X-Ray datasource plugin to visualize our X-Ray traces which reside in a number of different AWS accounts from our centralized observability account (in which Grafana will run). However the documentation explicitly states that IAM Role switching is not supported.

We haven't tested this yet but just wanted to raise an issue to get some eyes on this.

Describe the solution you'd like
IAM Role switching is supported

Describe alternatives you've considered
N/A

Additional context
N/A

[sarahzinger]

Hi @RyanW8 thanks for the suggestion! You're correct you can not currently switch between multiple IAM roles in the query editor at this time. We also do not have cross-account support for xray.

One thing you could do as a work around is to create a separate datasource instance for each role you want to assume. Then you could create a dashboard for what kinds of queries you would want. Then you could create a datasource variable that has all of the different iam roles you want to select: https://grafana.com/docs/grafana/latest/dashboards/variables/add-template-variables/#add-a-data-source-variable

Another possibility is that X-ray does offer some support for the cross account observability functionality from AWS, where one account is able to query in the same region in other accounts. Currently I believe this is only possible for service maps.

Do either of these solutions help solve your usecase?