scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-12-03 10:43:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't require AWS_ROLE_SESSION_NAME to sts:AssumeRoleWithWebIdentity (#9416)

Browse Source 
Fixes #9415

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
This commit is contained in:
Ori Rawlings
2020-07-14 01:31:49 -05:00
committed by GitHub
parent 1c8263c180
commit 95e05e5642
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
sdk/helper/awsutil/generate_credentials.go
View File

@@ -62,7 +62,7 @@ func (c *CredentialsConfig) GenerateCredentialChain() (*credentials.Credentials,
roleARN := os.Getenv("AWS_ROLE_ARN")
tokenPath := os.Getenv("AWS_WEB_IDENTITY_TOKEN_FILE")
sessionName := os.Getenv("AWS_ROLE_SESSION_NAME")
if roleARN != "" && tokenPath != "" && sessionName != "" {
if roleARN != "" && tokenPath != "" {
// this session is only created to create the WebIdentityRoleProvider, as the env variables are already there
// this automatically assumes the role, but the provider needs to be added to the chain
sess, err := session.NewSession()