Client credentials expired for long running tasks

Created on 10 May 2024, 10 months ago

Problem/Motivation

For long running tasks sending emails, the task may take longer than the expiration time of the temporary credentials used by the AWS SES client created by the aws → module when using a role ARN for authentication.

In that case AWS will return an ExpiredTokenException and the emails will stop being sent.

Steps to reproduce

Install the `amazon_ses` module
Configure the profile to use a role ARN for authtentification
Create a script that instantiate the `amazon_ses.handler` service and then, for example, sleeps for more than 1 hour (default duration of the token) before sending an email
Sending the email will fail with a "The security token included in the request is expired" error entry in the logs.

Proposed resolution

Catch the exception (TokenException) and recreate the client and retry sending the email?

Remaining tasks

Implement patch.

User interface changes

None.

API changes

None.

Data model changes

None.

🐛 Bug report

Status

Active

Version

3.0

Component

Code

Created by

🇯🇵Japan orakili

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @orakili
Comment 10 months ago →
🇯🇵Japan orakili
First commit to issue fork.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024