Clarify that AWS_CREDENTIAL_EXPIRATION is optional when using AWS_SESSION_TOKEN
Closed this issue ยท 3 comments
fh-mthomson commented
In this section of credentials.md
around leveraging environment variables, it implies that AWS_CREDENTIAL_EXPIRATION
is required if AWS_SESSION_TOKEN
is also leveraged:
If you have a session token from temporary security credentials, you can set it and its expiration time in environment variables AWS_SESSION_TOKEN and AWS_CREDENTIAL_EXPIRATION:
However I've noticed that:
- I've still been able to successfully authenticate by providing only
AWS_SESSION_TOKEN
- The credentials verification process (https://github.com/paws-r/paws/blob/main/paws.common/R/credentials.R#L49-L51) only asserts that, when provided, the value of
AWS_CREDENTIAL_EXPIRATION
is valid.
Proposal: Clarify in documentation that AWS_CREDENTIAL_EXPIRATION
is an optional argument, whereas AWS_SESSION_TOKEN
is required. Or, if there are cases where the former is required, then clarify accordingly.
DyfanJones commented
Thanks for raising this @fh-mthomson I will update the documentation :)
DyfanJones commented
@fh-mthomson did your PR #559 fix this issue? If so please close this ticket ๐
fh-mthomson commented
It did. Thanks, I'll close!