We currenlty use: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html
We have a few legacy services running on EC2 instances, using boto (not boto3) .. they are all using an IAM role on the instance.
Since boto is old, I havent been able to find any information on whether or not a boto application can use the EKS Service Account IAM Roles.
my Initial test, using our existing framework, results in the the application not getting the AWS permissions.