From 08dffc23921fe1be98bce72d16d8bcc73e5e6b63 Mon Sep 17 00:00:00 2001 From: Oguzhan Ozmen Date: Fri, 6 Oct 2023 21:53:23 -0400 Subject: [PATCH] RGW/Roles: honor "--max-session-duration" option when CREATING a role Currently, this option is not honored and the default (3600s) is used regardless of whether this option is provided when creating a role: $ radosgw-admin role create --role-name=myrole --max-session-duration=43200 ... $ radosgw-admin role get --role-name=myrole | jq '.MaxSessionDuration' 3600 With this commit, the value given by the --max-session-duration is considered when creating the role. This would reduce the need for updating the role's max-session-duration using a separate "role update" radosgw-admin command call after the role is created: $ radosgw-admin role create --role-name=myrole --max-session-duration=43200 ... $ radosgw-admin role get --role-name=myrole | jq '.MaxSessionDuration' 43200 Signed-off-by: Oguzhan Ozmen --- src/rgw/rgw_admin.cc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/rgw/rgw_admin.cc b/src/rgw/rgw_admin.cc index 25955a52213c..4b4b5977aa6c 100644 --- a/src/rgw/rgw_admin.cc +++ b/src/rgw/rgw_admin.cc @@ -6712,7 +6712,8 @@ int main(int argc, const char **argv) cerr << "failed to parse policy: " << e.what() << std::endl; return -EINVAL; } - std::unique_ptr role = driver->get_role(role_name, tenant, path, assume_role_doc); + std::unique_ptr role = driver->get_role(role_name, tenant, path, + assume_role_doc, max_session_duration); ret = role->create(dpp(), true, "", null_yield); if (ret < 0) { return -ret; -- 2.47.3