I just published a proof-of-concept CLI tool named
It lets you assume a role in AWS using IAM Roles Anywhere and a private key
stored in your SSH agent - rather than on-disk as required by the official client.
AWS4-X509-ECDSA-SHA256 via a forked
copy of the SigV4 signer in the AWS SDK for Go.
Check out the repo for more details.