Changing the security role mappings refresh time interval that is used during authorization
Change the security role mappings refresh time interval that is used during authorization.
By default, the security role mappings refresh time interval is set to 10 minutes. You can change this default value as required.
Follow these steps to change the time interval:
-
Edit the
platform-auth-idp
configmap.oc -n <your-foundational-services-namespace> edit configmap platform-auth-idp
-
Update the value of the
PDP_REDIS_CACHE_DEFAULT_TTL
parameter, as required. Specify the value in seconds. The default value is600
seconds.After you update and save the changes, you see the following message:
configmap "platform-auth-idp" edited
-
Restart all
platform-identity-management
pods by deleting them.oc -n <your-foundational-services-namespace> delete pod -l k8s-app=platform-identity-management
Wait for a few minutes for the pod to restart.
-
Verify the status of the pods.
oc -n <your-foundational-services-namespace> get pods | grep platform-identity-management-pdp
The status of all the pods must show as
1/1 Running
.