CHEF-85 auth-token-refresh-retry-for-inspec-aws

[sa-progress]

Description

Issue: AWS session expiration after 12 hours using AssumeRole credentials

Currently, when using AWS resources, the session expires after 12 hours. This can cause disruptions to long-running scans that rely on these credentials.

Fix: To address this issue, the recommended approach is to implement a scheduled rotation of the AssumeRole credentials before the expiration time. This can be achieved by using AssumeRole API and retrieve a new set of temporary credentials before the existing ones expire.

Additional env variables required : export AWS_ROLE_ARN="arn:aws:iam::1127dummy395563:role/DUMMYRole" export AWS_TOKEN_EXPIRATION_DURATION="901" export AWS_ROLE_SESSION_NAME="DUMMY_aws_role_for_session"

Issues Resolved

List any existing issues this PR resolves, or any Discourse or StackOverflow discussion that's relevant

Check List

Please fill box or appropriate ([x]) or mark N/A.

• [ ] New functionality includes integration tests/controls
• [ ] New Terraform resources
• [ ] Documentation provided or updated for resources
• [ ] All Integration Tests pass
• [ ] All Unit Tests pass
• [ ] rake lint passes
• [ ] All commits have been signed-off for the Developer Certificate of Origin. See https://github.com/chef/chef/blob/master/CONTRIBUTING.md#developer-certification-of-origin-dco

[netlify[bot]]

✅ Deploy Preview for inspec-aws canceled.

Name	Link
🔨 Latest commit	b3d4c400ca87faa6402285ca7e4b7806eee40686
🔍 Latest deploy log	https://app.netlify.com/sites/inspec-aws/deploys/648878c359102f000810e656