I understand AssumeRole has been given a configurable limit but with a hard stop at a max of 12 hours. I require using AssumeRole for operations that could take longer, and wish to have credentials lasting as long as needed. Is there a way to "refresh" the credentials such that: For ex.
A user who has logged into Tableau via an Athena JDBC connector at 0hours and executes an API call past 12hours, the credentials are internally refreshed such that there is an illusion that they are logged in permanently, and that API call succeeds? The trouble is with the customer having to repeatedly generate temporary credentials with AssumeRole API, to be able to access data analytics tools like Tableau.
I'd require a Java solution for this - I know boto has done some slightly hacky ways to get these creds to refresh.
The maximum duration of AssumeRole credentials is 12 hours.
The limit is 36 hours for GetSessionToken and GetFederationToken.
It is not possible to "refresh" credentials, but you can call AssumeRole again and get a new set of credentials that are valid for another 12 hours.