I am trying to use Trusted Profile authentication (.md#identity-and-access-management-iam-authentication-grant-type-assume) to access buckets in another IBM account.
However, it seems that the Python SDK for COS only accepts Service Credentials as authentication methods to access the buckets in individual COS instances (#python-prereqs). It is also unclear to me if generating service credentials is mandatory, since there are permissions like cloud-object-storage.bucket.get which apparently are account-wide and allow access to details about a bucket.
So my question is: given an API Key in account A that has a trusted profile in another account B, is it possible to list/retrieve information from all the COS instances and/or buckets in account B? If so, how? Is generating service credentials for EACH COS instance mandatory?
