Worked on the NixOS/nix repository to deliver a new feature enabling S3 binary cache access using STS-based credentials. This involved implementing a custom credentials provider chain in C++ to allow the system to assume IAM roles for secure S3 bucket access, enhancing both security and scalability for cross-account caching scenarios. The approach included updating build configurations and integrating AWS STSProfileCredentialsProvider, ensuring compatibility with existing CI pipelines and minimizing workflow disruption. By leveraging AWS, Nix, and cloud computing expertise, the work provided a seamless transition to STS-based access while maintaining robust support for current binary cache usage patterns.