Closed andysimant closed 1 year ago
I guess the label [OPTIONAL]
in the options panel could be misleading, since you are required to either choose yes
or no
. You can't leave it blank. I will remove the [OPTIONAL]
label.
Regarding the error: What you are experiencing here is actually a configuration error at the end of your identity provider (IDP). In the SAML Assertion, your IDP sends along a requested session duration. This requested duration is higher than the maximum allowed duration, configured on the AWS IAM Role. The two of them do not match, so either of them need to be reconfigured to match the other.
The default session duration on AWS side is 3600
(1h). This is what you will get when you set the Apply the SessionDuration requested by the SAML provider
setting in the extension's option panel to no
. Many AWS Cloud administrators find this 1 hour session duration quite frustrating, therefore they extend the max session duration on the IAM Role. For this reason, yes
is the default value for this option, and will remain the default value.
With release 3.3
the OPTIONAL label has been removed.
When the [OPTIONAL] setting (Apply the SessionDuration requested by the SAML provider) is set to YES, I was unable to get the credential file. Since this is an optional setting, it shouldn't block the user from downloading the credential file. Kindly fix this.
Debug LOG: INFO: AWSAssumeRoleWithSAMLCommand client.send will now be executed script.js:292 ValidationError: The requested DurationSeconds exceeds the MaxSessionDuration set for this role. at Te (aws-js-sdk-bundle.js:2:57065) at aws-js-sdk-bundle.js:2:70787 at async aws-js-sdk-bundle.js:2:38494 at async On.retry (aws-js-sdk-bundle.js:2:89037) at async aws-js-sdk-bundle.js:2:116397 at async assumeRoleWithSAML (script.js:278:22) at async onBeforeRequestEvent (script.js:197:12) script.js:203 ERROR: Error when trying to assume the IAM Role with the SAML Assertion. script.js:204 TypeError: Cannot read properties of undefined (reading 'access_key_id') at onBeforeRequestEvent (script.js:199:72) "TypeError: Cannot read properties of undefined (reading 'access_key_id')\n at onBeforeRequestEvent (chrome-extension://ekniobabpcnfjgfbphhcolcinmnbehde/background/script.js:199:72)"