Changing the security role mappings refresh time interval that is used during authorization

Change the security role mappings refresh time interval that is used during authorization.

By default, the security role mappings refresh time interval is set to 10 minutes. You can change this default value as required.

Follow these steps to change the time interval:

  1. Edit the platform-auth-idp configmap.

    oc -n <your-foundational-services-namespace> edit configmap platform-auth-idp
    
  2. Update the value of the PDP_REDIS_CACHE_DEFAULT_TTL parameter, as required. Specify the value in seconds. The default value is 600 seconds.

    After you update and save the changes, you see the following message:

    configmap "platform-auth-idp" edited
    
  3. Restart all platform-identity-management pods by deleting them.

    oc -n <your-foundational-services-namespace> delete pod -l k8s-app=platform-identity-management
    

    Wait for a few minutes for the pod to restart.

  4. Verify the status of the pods.

     oc -n <your-foundational-services-namespace> get pods | grep platform-identity-management-pdp
    

    The status of all the pods must show as 1/1 Running.