Skip to content

Commit

Permalink
Don't require AWS_ROLE_SESSION_NAME to sts:AssumeRoleWithWebIdentity (#…
Browse files Browse the repository at this point in the history 
…9416) (#9475)

Fixes #9415

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Ori Rawlings <orirawlings@gmail.com>
  • Loading branch information
@tvoran @orirawlings
tvoran and orirawlings committed Jul 14, 2020
1 parent 07b306e commit 352d9fb
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion sdk/helper/awsutil/generate_credentials.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ func (c *CredentialsConfig) GenerateCredentialChain() (*credentials.Credentials,
roleARN := os.Getenv("AWS_ROLE_ARN")
tokenPath := os.Getenv("AWS_WEB_IDENTITY_TOKEN_FILE")
sessionName := os.Getenv("AWS_ROLE_SESSION_NAME")
if roleARN != "" && tokenPath != "" && sessionName != "" {
if roleARN != "" && tokenPath != "" {
// this session is only created to create the WebIdentityRoleProvider, as the env variables are already there
// this automatically assumes the role, but the provider needs to be added to the chain
sess, err := session.NewSession()
Expand Down

0 comments on commit 352d9fb

Please sign in to comment.