l0-setup list is unusable for any multiple-account configuration

[tlake]

Troublesome Behavior

If a user happens to be managing Layer0 instances across different AWS accounts with different credentials, l0-setup list will always return an AccessDenied error.

Given AWS accounts ACCT1 and ACCT2 and a separate set of credentials (access key and secret access key) for each account, l0-setup list will never return anything helpful to the user. If authenticated for ACCT1, l0-setup returns AccessDenied because CREDS1 can't authenticate against ACCT2, and vice versa. No matter which credentials the user supplies, the list command will never not fail.

Possible Solutions

Given this sample representation of the world:

AWS Account	Layer0 Instances
ACCT1	instance1a, instance1b
ACCT2	instance2a, instance2b

Silent failure?

# using credentials for ACCT1
# AccessDenied errors are generated when authenticating
# against ACCT2, but are ignored

$ l0-setup list
STATUS    NAME
lr        instance1a
r         instance1b

Notification in output?

# using credentials for ACCT1
# AccessDenied errors are generated when authenticating
# against ACCT2, and the presence of any such errors just
# appends an explanatory note to the output

$ l0-setup list
STATUS    NAME
lr        instance1a
r         instance1b

l0-setup found more Layer0 instances, but could not authenticate with the current credentials.

Integration with ~/.aws/credentials?

# ~/.aws/credentials

[tlake-ACCT1]
aws_access_key = asdfasdfasdfasdf
aws_secret_access_key = zxcvzxcvzxcvzxcv

[tlake-ACCT2]
aws_access_key = dfghfdghfdghdfgh
aws_secret_access_key = cvbncvbncvbncvbn

# l0-setup tries to authenticate against all known layer0 instances
# using each set of credentials in ~/.aws/credentials and compiles
# the results into the following output

$ l0-setup list
STATUS    NAME
lr        instance1a
r         instance1b
r         instance2a
lr        instance2b

A solution like this one would benefit from #627.

See also #211.