Use case:

Jenkins is running in account A and needs to start ec2 worker in account B

Currently, it is only possible to create static (bad bad bad) credentials in account B and then hardcode them in the Jenkins config

What would be great is to have a role in account B that another role in account A could assume. Similar to how it is done in the ECS plugin. You might even be able to copy a code from there...