My application is a Spring Boot based application running inside a pod. I have created a ServiceAccount in EKS (K8s) linked with an IAM Role. I have also created an IAM Role user with IAM as the authentication type at the Atlas MongoDB end. When I run the application pod with the ServiceAccount created, the following env variables are available inside the pod: `AWS_WEB_IDENTITY_TOKEN_FILE` and `AWS_ROLE_ARN`.
As I understand it, using the web identity token the application will have to assume the role with STS, which returns secret_key, access_key_id and session_token. These have to be passed to the MongoDB driver in order to establish a connection with Atlas MongoDB using the PrivateLink. I have written a sample Golang script to test this and it works fine.
Now the question is whether Spring Boot has any existing plugin or feature which will enable it to use these temporary credentials to connect with the DB and refresh the credentials in case the session token expires. Please provide some pointers or blogs as to how this can be achieved in a Spring Boot based application.
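
The flow described in the post (web identity token, STS role assumption, temporary keys handed to the MongoDB driver), sketched for Spring Boot as an added example that is not part of the original post. It assumes MongoDB Java driver 4.4 or later, the AWS SDK for Java v2 `auth` and `sts` modules on the classpath, and Spring Boot's MongoDB auto-configuration; the class and bean names are hypothetical.

```java
import com.mongodb.AwsCredential;
import com.mongodb.MongoCredential;
import java.util.function.Supplier;
import org.springframework.boot.autoconfigure.mongo.MongoClientSettingsBuilderCustomizer;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import software.amazon.awssdk.auth.credentials.AwsCredentials;
import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
import software.amazon.awssdk.auth.credentials.AwsSessionCredentials;
import software.amazon.awssdk.auth.credentials.WebIdentityTokenFileCredentialsProvider;

@Configuration
public class AtlasIamAuthConfig { // hypothetical class name

    // Reads AWS_WEB_IDENTITY_TOKEN_FILE and AWS_ROLE_ARN from the pod environment,
    // calls STS AssumeRoleWithWebIdentity, and caches/refreshes the result itself.
    @Bean
    AwsCredentialsProvider irsaCredentialsProvider() {
        return WebIdentityTokenFileCredentialsProvider.create();
    }

    @Bean
    MongoClientSettingsBuilderCustomizer atlasIamCredential(AwsCredentialsProvider provider) {
        // The driver calls this supplier when it needs credentials to authenticate,
        // so expired session tokens are replaced without restarting the client.
        Supplier<AwsCredential> fresh = () -> {
            AwsCredentials current = provider.resolveCredentials();
            // Fail closed: only short-lived STS credentials are accepted, so a
            // long-lived access key can never be sent to Atlas by accident.
            if (!(current instanceof AwsSessionCredentials)) {
                throw new IllegalStateException("expected temporary STS credentials");
            }
            AwsSessionCredentials session = (AwsSessionCredentials) current;
            return new AwsCredential(session.accessKeyId(),
                                     session.secretAccessKey(),
                                     session.sessionToken());
        };

        // MONGODB-AWS mechanism with no static key material in configuration.
        MongoCredential credential = MongoCredential.createAwsCredential(null, null)
                .withMechanismProperty(MongoCredential.AWS_CREDENTIAL_PROVIDER_KEY, fresh);

        return builder -> builder.credential(credential);
    }
}
```

With this in place the connection string in `spring.data.mongodb.uri` carries only the host and options, with no username, password or session token.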