Skip to content

KC-1337: Fix iam_user rotation schedule not applied on initial create#2183

Open
idimov-keeper wants to merge 1 commit into
releasefrom
KC-1337-iam-user-pam-user-rotation-schedule-not-applied-on-initial-create-when-schedule-json-cron-is-provided-ui-shows-manual-until-record-is-updated
Open

KC-1337: Fix iam_user rotation schedule not applied on initial create#2183
idimov-keeper wants to merge 1 commit into
releasefrom
KC-1337-iam-user-pam-user-rotation-schedule-not-applied-on-initial-create-when-schedule-json-cron-is-provided-ui-shows-manual-until-record-is-updated

Conversation

@idimov-keeper

Copy link
Copy Markdown
Contributor
  • Fix pam rotation edit --rotation-profile iam_user so a cron/--schedulejson schedule is applied on first setup instead of failing with revision 0 less than 1.
  • After link_user_to_config runs its IAM permission-check set_record_rotation (which creates rotation at revision 1 without a schedule), sync vault and use the server revision for the follow-up request that carries the schedule.
  • Add unit tests for resolve_record_rotation_revision and the iam_user initial-create / already-linked paths.

Sync rotation revision after IAM link permission-check so the schedule-bearing set_record_rotation call uses the server revision instead of 0.

Co-authored-by: Cursor <cursoragent@cursor.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant