According to the documentation, this resource requires the following. The question I have is it possible add IAM policies to Role so that no AWS CLI configuration is required. I was able to get the fence_aws command to work with embeddeing AWS CLI config info by providing specific IAM policies.