logical/aws: Use display name for IAM username

hashicorp · Apr 15, 2015 · 59073cf · 59073cf
1 parent 006cb08
commit 59073cf
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/builtin/logical/aws/path_user.go b/builtin/logical/aws/path_user.go
@@ -45,7 +45,7 @@ func (b *backend) pathUserRead(
 
 	// Use the helper to create the secret
 	return b.secretAccessKeysCreate(
-		req.Storage, policyName, string(policy.Value))
+		req.Storage, req.DisplayName, policyName, string(policy.Value))
 }
 
 func pathUserRollback(req *logical.Request, _kind string, data interface{}) error {

diff --git a/builtin/logical/aws/secret_access_keys.go b/builtin/logical/aws/secret_access_keys.go
@@ -34,15 +34,15 @@ func secretAccessKeys() *framework.Secret {
 
 func (b *backend) secretAccessKeysCreate(
 	s logical.Storage,
-	policyName string, policy string) (*logical.Response, error) {
+	displayName, policyName string, policy string) (*logical.Response, error) {
 	client, err := clientIAM(s)
 	if err != nil {
 		return logical.ErrorResponse(err.Error()), nil
 	}
 
 	// Generate a random username. We don't put the policy names in the
 	// username because the AWS console makes it pretty easy to see that.
-	username := fmt.Sprintf("vault-%d-%d", time.Now().Unix(), rand.Int31n(10000))
+	username := fmt.Sprintf("vault-%s-%d-%d", displayName, time.Now().Unix(), rand.Int31n(10000))
 
 	// Write to the WAL that this user will be created. We do this before
 	// the user is created because if switch the order then the WAL put