From 4ef3097916ae3ec6e2f1e71cf3a71d108d8a2bd8 Mon Sep 17 00:00:00 2001
From: Dan Forsberg <dforsber@gmail.com>
Date: Fri, 15 Mar 2024 11:30:20 +0200
Subject: [PATCH] Set 12h as the max session duration possible for the
 cross-account IAM Role

---
 src/integration/aws/iam_roles.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/integration/aws/iam_roles.ts b/src/integration/aws/iam_roles.ts
index b83e7f1..9669951 100644
--- a/src/integration/aws/iam_roles.ts
+++ b/src/integration/aws/iam_roles.ts
@@ -118,6 +118,7 @@ export class BDIamRole {
       const commandParams: iam.CreateRoleRequest = {
         Path: this.path,
         RoleName: this.iamRoleName,
+        MaxSessionDuration: 12 * 60 * 60, // 12h in seconds, the max!
         AssumeRolePolicyDocument: JSON.stringify(this.getAssumeRolePolicyDocument()),
         Tags: [...this.boilingDataTags, ...(this.params.tags ?? [])],
       };