It is desirable in some distributed computing environments to provide security credentials that are valid only for a temporary period of time to various systems and/or services operating therein. The temporary security credentials might be utilized by these systems and/or services to access other systems and/or services on a temporary basis. For example, the temporary security credentials might specify an encryption key and/or other types of data that might be utilized to cryptographically sign requests to other systems and/or services during a limited window of time.
In order to provide the functionality described above, temporary security credentials may be provided that expressly specify a fixed expiration time. For example, temporary security credentials might be provided to a service for use in making service calls that expire after six hours has elapsed, or another specified time period. New temporary security credentials having a fixed expiration at a later time might also be provided to the service prior to the expiration of the previously provided temporary security credentials. For example, new temporary credentials that also expire after six hours has elapsed might be provided to the service every hour, or some other time period that is less than six hours.
While the mechanism described above for distribution of temporary security credentials works well under normal operating conditions, there are times when such a system might cause the proper execution of dependent systems or components in the distributed computing environment to fail. For example, the system providing the temporary security credentials may become inoperable or inaccessible for some reason. In this scenario, it is possible for the temporary security credentials provided to a system or service to expire before new temporary security credentials have been received. If this occurs, the system or service may be unable to access other systems as designed and, therefore, unable to perform its intended functionality.
In order to account for the possibility that temporary security credentials with a fixed expiration time might not be provided according to schedule due to an operational difficulty, the expiration time set forth in the temporary security credentials is typically set much further in the future than actually needed in order to complete refreshing of the credentials. For instance, in the example described above, temporary security credentials might be provided that specify an expiration time six hours in the future even when it is typically possible to refresh the temporary security credentials every hour under normal operating conditions. In this way, dependent services can continue operating for approximately five hours even in the event of a failure of the service that provides the temporary security credentials. This also means, however, that the temporary security credentials are valid, in this example, for approximately five hours longer than they actually need to be.
It is with respect to these and other considerations that the disclosure made herein is presented.