We don’t handle that for you (we do deploy any lambdas to our AWS account on your behalf, and run them). For anything beyond running your functions in our account, you’d have to build whatever you need as far as getting authenticated at other services.
We don’t have any code patterns for that, but I suppose there are a lot out there on the internet you could cheat off of depending on what your goals are.
I would expect you still need to pass in those values to your functions somehow - but what you may have run into (or will soon, if you haven’t already), is that we set AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY for that deployment of the functions - so you’ll need to use differently named environment variables (not starting with AWS_) and adjust your code to read from them.
As for how you write the code to auth, that’s not a question our Support team will be able to help with; perhaps AWS’ tech support or documentation has more details about how to use the identity pool and any other features they (not we) provide.