Merge pull request #2716 from cyberark/fix-aws-rotation
Remove change to enable single AWS key rotation
ismarc authored Feb 23, 2023
2 parents b441a2b + 20e729b commit 9b8d978
Showing 1 changed file with 0 additions and 8 deletions.
8 changes: 0 additions & 8 deletions app/domain/rotation/rotators/aws/secret_key.rb
Expand Up @@ -31,21 +31,13 @@ def rotate(facade)
.select { |x| x['access_key_id'] != creds.access_key_id }
.each { |x| client.delete_access_key(access_key_id: x['access_key_id']) }

# New key on AWS
new_key = client.create_access_key.access_key

# Old key on AWS
old_key = creds.conjur_ids[:access_key_id]

# Update in conjur
facade.update_variables(Hash[
creds.conjur_ids[:access_key_id] , new_key.access_key_id,
creds.conjur_ids[:secret_access_key], new_key.secret_access_key
])

# Delete key just used for rotation
# This prevents leaving two active access keys
client.delete_access_key(access_key_id: old_key)
end

private
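
Review bot: at the end of `rotate`, dropping `client.delete_access_key(access_key_id: old_key)` means the key that performed the rotation stays active on AWS after `facade.update_variables` returns, and it appears to be cleaned up only by the `.select { |x| x['access_key_id'] != creds.access_key_id }` / `delete_access_key` pass at the top of the next rotation. The removed comment ("This prevents leaving two active access keys") named exactly that exposure, and neither the commit message nor the remaining code says why it is acceptable again; a short comment above `new_key = client.create_access_key.access_key` stating that the previous key remains valid until the next rotation would record the decision. The removal itself looks justified by the visible lines: `old_key` was read from `creds.conjur_ids[:access_key_id]`, which the `update_variables` call uses as the Conjur variable id, while the cleanup at the top compares AWS key ids against `creds.access_key_id`, so the final delete was likely being handed a variable id rather than an AWS access key id. If single-key rotation is reintroduced, pass `creds.access_key_id` and run the delete only after `update_variables` has succeeded. The rendered page has lost its +/- markers, so this assumes the 8 deletions are the `old_key` lines and the final delete block.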