search

aws-samples / iam-identity-center-team

Open-source temporary elevated access solution for AWS IAM Identity Center.
https://aws-samples.github.io/iam-identity-center-team/
MIT No Attribution
306 stars 83 forks source link

Overlapping access requests prematurely revoke access #279

Open Syriiin opened 3 months ago

Syriiin commented 3 months ago

Describe the bug Access is removed when a session ends even if that same access is granted by another active access session.

To Reproduce Steps to reproduce the behavior:

  1. Create and approve a request
  2. When the first request is nearing expiry, create and approve another request for the same access (ie. to effectively extend the duration)
  3. Wait for the first access session to end, and observe the role get revoked

Expected behavior When an access session ends, TEAM will not revoke the access if it has been granted by another ongoing access session.

TEAM Version: v1.1.2

github-actions[bot] commented 1 month ago

Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 7 days it will automatically be closed.

Syriiin commented 1 month ago

still an issue