allows emails@sign to be within the aws secrets engine path

[will-quan-bird]

allows the at sign to allow emails for the aws secrets engine path.

[hashicorp-cla]

All committers have signed the CLA.

[will-quan-bird]

@jefferai Hi is it possible to glance over this small pr? Thanks! :)

[will-quan-bird]

Just realized that this allows to write to the role path with the @ sign. After more testing, I found that I couldn't pull aws credentials from this. Would you know off the top of your head why vault read aws/creds/rolename@gmail.com would return no values nor any errors?

[michelvocks]

Hi @will-quan-bird!

If no value or error is returned that usually means that you got an empty response.
I recommend sending a manual HTTP request (e.g. via cURL) with verbose mode enabled to see what is returned.

I also think that you need to change API Pattern for the creds/sts API endpoint here: https://github.com/hashicorp/vault/blob/master/builtin/logical/aws/path_user.go#L21

Cheers,
Michel

[will-quan-bird]

That did the trick! Thanks!

[kalafut]

Thanks!