Skip to content

feat(aws-iam): support maxSessionDuration for Role #545

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
eladb merged 2 commits into from
Aug 13, 2018
Merged

feat(aws-iam): support maxSessionDuration for Role #545

eladb merged 2 commits into from
Aug 13, 2018

Conversation

@eladb
Copy link
Contributor

@eladb eladb commented Aug 12, 2018

Allow specifying a maximum session duration for roles.

Fixes #543

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license.

feat(aws-iam): support maxSessionDuration for Role
7966b7c 
Allow specifying a maximum session duration for roles.

Fixes #543
@eladb eladb requested review from RomainMuller and rix0rrr August 12, 2018 08:15
rix0rrr
rix0rrr approved these changes Aug 13, 2018
View reviewed changes
packages/@aws-cdk/aws-iam/lib/role.ts
.addAction(principal.assumeRoleAction));
}

function validateMaxSessionDuration(duration?: number) {
Copy link
Contributor

@rix0rrr rix0rrr Aug 13, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does not need to be able to be undefined.

Copy link
Contributor Author

@eladb eladb Aug 13, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will remove the if from the call site

@eladb eladb merged commit a283a39 into master Aug 13, 2018
@eladb eladb deleted the benisrae/role-max-session-duration branch August 13, 2018 09:25
rix0rrr added a commit that referenced this pull request Aug 15, 2018
@rix0rrr
v0.8.2 (#575)
934ca5f 
### Features

* __@aws-cdk/cdk__: Tokens can now be transparently embedded into
  strings and encoded into JSON without losing their semantics. This
  makes it possible to treat late-bound (deploy-time) values as if they
  were regular strings ([@rix0rrr] in
  [#518](#518)).
* __@aws-cdk/aws-s3__: add support for bucket notifications to Lambda,
  SNS, and SQS targets ([@eladb] in
  [#201](#201),
  [#560](#560),
  [#561](#561),
  [#564](#564))
* __@aws-cdk/cdk__: non-alphanumeric characters can now be used as
  construct identifiers ([@eladb] in
  [#556](#556))
* __@aws-cdk/aws-iam__: add support for `maxSessionDuration` for Roles
  ([@eladb] in [#545](#545)).

### Changes

* __@aws-cdk/aws-lambda__ (_**BREAKING**_): most classes renamed to be
  shorter and more in line with official service naming (`Lambda`
  renamed to `Function` or ommitted) ([@eladb] in
  [#550](#550))
* __@aws-cdk/aws-codepipeline__ (_**BREAKING**_): move all CodePipeline
  actions from `@aws-cdk/aws-xxx-codepipeline` packages into the regular
  `@aws-cdk/aws-xxx` service packages ([@skinny85] in
  [#459](#459)).
* __@aws-cdk/aws-custom-resources__ (_**BREAKING**_): package was
  removed, and the Custom Resource construct added to the
  __@aws-cdk/aws-cloudformation__ package ([@rix0rrr] in
  [#513](#513))

### Fixes

* __@aws-cdk/aws-lambda__: Lambdas that are triggered by CloudWatch
  Events now show up in the console, and can only be triggered the
  indicated Event Rule. _**BREAKING**_ for middleware writers (as this
  introduces an API change), but transparent to regular consumers
  ([@eladb] in [#558](#558))
* __@aws-cdk/aws-codecommit__: fix a bug where `pollForSourceChanges`
  could not be set to `false` ([@maciejwalkowiak] in
  [#534](#534))
* __aws-cdk__: don't fail if the `~/.aws/credentials` file is missing
  ([@RomainMuller] in
  [#541](#541))
* __@aws-cdk/aws-cloudformation__: fix a bug in the CodePipeline actions
  to correctly support TemplateConfiguration ([@mindstorms6] in
  [#571](#571)).
* __@aws-cdk/aws-cloudformation__: fix a bug in the CodePipeline actions
  to correctly support ParameterOverrides ([@mindstorms6] in
  [#574](#574)).

### Known Issues

* `cdk init` will try to init a `git` repository and fail if no global
  `user.name` and `user.email` have been configured.
@NGL321 NGL321 added the contribution/core This is a PR that came from AWS. label Sep 27, 2019
@sumodgeorge sumodgeorge mentioned this pull request Jun 20, 2023
Open
@SNYKabbott SNYKabbott mentioned this pull request Jun 22, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rix0rrr rix0rrr rix0rrr approved these changes

@RomainMuller RomainMuller Awaiting requested review from RomainMuller

Assignees

No one assigned

Labels

contribution/core This is a PR that came from AWS.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

TS - Can't add MaxSessionDuration to a role (for an AssumeRole)

3 participants

@eladb @rix0rrr @NGL321