You can configure the maximum session duration for a Resource Access Management (RAM) role. This setting determines the maximum validity period for the temporary credentials (STS tokens) that are issued when the role is assumed. By increasing the duration, you can allow users to perform long-running tasks without their session expiring.
Limitations
The duration can be set to a value between 3,600 seconds (1 hour) and 43,200 seconds (12 hours).
The default duration is 3,600 seconds (1 hour).
This setting is not configurable for service-linked roles (SLRs).
Use the RAM console
Log on to the RAM console as a RAM administrator.
In the left-side navigation pane, choose .
On the Roles page, click the target RAM role.
In the Basic Information section, find Max Session Duration and click Edit.
In the Edit Max Session Duration dialog box, enter the new duration in seconds and click OK.
Use the API
You can set the maximum session duration by using the following API operations:
CreateRole: When creating a new role, set the
MaxSessionDurationparameter.UpdateRole: To modify an existing role, set the
NewMaxSessionDurationparameter.
What to do next
After configuring the maximum session duration, users or services can assume the RAM role to obtain temporary credentials with the specified validity period. For more information on how to assume a role, see the following topics:
References
How do I adjust session durations and STS token validity periods?