Does AssumeRoleProvider refresh expired credentials?
#1055
-
|
Environment: OIDC authorized Kubernetes POD that sets AWS environment variables to make it work with let provider = aws_config::sts::AssumeRoleProvider::builder(role_name.clone())
.region(Region::new(region.clone()))
.session_name(session_name.unwrap_or("my_service_session".into()))
.build(
Arc::new(EnvironmentVariableCredentialsProvider::new_with_env(
credentials_provider,
)) as Arc<_>,
);
let config: SdkConfig = aws_config::from_env()
.credentials_provider(provider)
.load()
.await;
|
Beta Was this translation helpful? Give feedback.
Answered by
ysaito1001
Jan 31, 2024
Replies: 1 comment
-
|
Hi @lcmgh, to answer your question, yes credentials will get refreshed. To be more precise, given the provided code snippet above, the |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
lcmgh
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi @lcmgh, to answer your question, yes credentials will get refreshed. To be more precise, given the provided code snippet above, the
AssumeRoleProviderwill be backed by LazyCache whose resolve_cached_identity method will internally callAssumeRoleProvider::provide_credentialsas credentials get close to their expiration times.