search

aws-samples / iam-identity-center-team

Open-source temporary elevated access solution for AWS IAM Identity Center.
https://aws-samples.github.io/iam-identity-center-team/
MIT No Attribution
315 stars 89 forks source link

Overlapping access requests prematurely revoke access #279

Open Syriiin opened 4 months ago

Syriiin commented 4 months ago

Describe the bug Access is removed when a session ends even if that same access is granted by another active access session.

To Reproduce Steps to reproduce the behavior:

  1. Create and approve a request
  2. When the first request is nearing expiry, create and approve another request for the same access (ie. to effectively extend the duration)
  3. Wait for the first access session to end, and observe the role get revoked

Expected behavior When an access session ends, TEAM will not revoke the access if it has been granted by another ongoing access session.

TEAM Version: v1.1.2

github-actions[bot] commented 2 months ago

Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 7 days it will automatically be closed.

Syriiin commented 2 months ago

still an issue

github-actions[bot] commented 2 weeks ago

Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 7 days it will automatically be closed.

Syriiin commented 2 weeks ago

Still an issue