Giters

awsdocs / amazon-ecs-developer-guide

The open source version of the Amazon ECS developer guide. You can submit feedback & requests for changes by submitting issues in this repo or by making proposed changes & submitting a pull request.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Explanation around auto-rotation of task role credentials is not clear or incorrect.

Himanshu4 opened this issue · comments

commented

The note:
"The default expiration time for the generated IAM role credentials is 6 hours."

https://github.com/awsdocs/amazon-ecs-developer-guide/blob/master/doc_source/task-iam-roles.md#iam-roles-for-tasks

As per above statement, It looks like that there is a way for the users to change (increase/decrease) the frequency of auto rotation of ECS role credentials from 6 hours. If there is a way for the end users to change, then it is not documented anywhere as per my understanding.

Otherwise, we should add a note that this value can not be changed.

commented

Regarding this, as far as I can tell you cannot change that value. I'm also unclear why changing the value would be necessary as it auto-renews according to the IAM documentation. For now I'm going to remove this note from the documentation. Reopen this issue if you feel another resolution is needed. Thanks for your patience.