Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Feature] Persistent secret with credential process chain not refresh #64

Open
r0b0ji opened this issue Feb 6, 2025 · 2 comments
Open

Comments

@r0b0ji
Copy link

r0b0ji commented Feb 6, 2025

I create an s3 secret with credential process, like

D create persistent secret s3_secret(type s3, provider credential_chain, chain process);

What I expect?
This should run the credential process defined in ~/.aws/config to get the fresh credentials.

What happens?
The stored secret is a secret at the time of creation of that persistent secret.

This is going to fail next time as credential has expired by that time. This limits the use of persistent secret and storing a long term secret in file is neither good practice and nor recommended by Aws.

The persistent secret can be made useful if at the start of session, it runs the credential process to refresh it. Bonus if it can run the process in background for long running session.

@samansmink
Copy link
Collaborator

Try CREATE OR REPLACE PERSISTENT SECRET.. to refresh your secret.

@r0b0ji
Copy link
Author

r0b0ji commented Feb 9, 2025

Isn't the point of a persistent secret is that it's persistent and I don't have to do it in every session.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants