upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-04-29 02:01:35 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

Add 'Period' support to AWS IAM token renewal (#3220)

Browse source
This commit is contained in:
EXPEddrewery 2017-08-22 23:50:53 +10:00 committed by Jeff Mitchell
parent be57fd0594
commit a4f4e5bf34
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
builtin/credential/aws/path_login.go
View file

@ -943,7 +943,13 @@ func (b *backend) pathLoginRenewIam(
}
}
return framework.LeaseExtend(roleEntry.TTL, roleEntry.MaxTTL, b.System())(req, data)
// If 'Period' is set on the role, then the token should never expire.
if roleEntry.Period > time.Duration(0) {
req.Auth.TTL = roleEntry.Period
return &logical.Response{Auth: req.Auth}, nil
} else {
return framework.LeaseExtend(roleEntry.TTL, roleEntry.MaxTTL, b.System())(req, data)
}
}
func (b *backend) pathLoginRenewEc2(