Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-63448

When using assume Role with profile, temp credentials are cached indefinately

XMLWordPrintable

      When configuring the AWS Credentials with an IAM Role but no IAM Keys - the expectation is that the instance profile's credentials would be used to assume role. This works in general, but has a huge bug rendering this unusable.

      When configuring a job to use credentials defined this way, it appears that the credentials from instance profile are cached - resulting in job that works for a short time and then fails with "Token Expired".  If job configuration is edited, the credential is refreshed, but it is not refreshed when simply using the credential. This causes the credentials to not work in jobs.

       

       

            Unassigned Unassigned
            mlasevich Michael Lasevich
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: