OpenStack Identity (keystone)

  1. Bug #1872737
  2. Comment #2

Comment 2 for bug 1872737

Revision history for this message
Colleen Murphy (krinkle) wrote : Re: Keystone doesn't check signature TTL of the EC2 credential auth method

Confirmed that keystone does not verify the Timestamp attribute of a /v3/ec2tokens request. Can you add a link to the AWS documentation explaining the TTL? https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html seems to indicate it's 15 minutes but I am not sure if that is consistent or configurable.