From 21d2315c4a969a11028e8c47c50378d62159b06b Mon Sep 17 00:00:00 2001
From: Zackary Santana <64446617+ZackarySantana@users.noreply.github.com>
Date: Wed, 25 Sep 2024 13:02:22 -0400
Subject: [PATCH] fix: do not redact the expiration

---
 agent/command/assume_ec2_role.go      | 2 +-
 agent/command/assume_ec2_role_test.go | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/agent/command/assume_ec2_role.go b/agent/command/assume_ec2_role.go
index 9016ba9055..21435732c0 100644
--- a/agent/command/assume_ec2_role.go
+++ b/agent/command/assume_ec2_role.go
@@ -97,7 +97,7 @@ func (r *ec2AssumeRole) execute(ctx context.Context, comm client.Communicator, l
 	conf.NewExpansions.PutAndRedact(globals.AWSAccessKeyId, creds.AccessKeyID)
 	conf.NewExpansions.PutAndRedact(globals.AWSSecretAccessKey, creds.SecretAccessKey)
 	conf.NewExpansions.PutAndRedact(globals.AWSSessionToken, creds.SessionToken)
-	conf.NewExpansions.PutAndRedact(globals.AWSRoleExpiration, creds.Expiration)
+	conf.NewExpansions.Put(globals.AWSRoleExpiration, creds.Expiration)
 
 	return nil
 }
diff --git a/agent/command/assume_ec2_role_test.go b/agent/command/assume_ec2_role_test.go
index 03324e2334..cb42340b56 100644
--- a/agent/command/assume_ec2_role_test.go
+++ b/agent/command/assume_ec2_role_test.go
@@ -104,7 +104,8 @@ func TestEC2AssumeRoleExecute(t *testing.T) {
 				assert.True(t, hasAccessKey)
 				assert.True(t, hasSecretAccessKey)
 				assert.True(t, hasSessionToken)
-				assert.True(t, hasExpiration)
+				// The expiration should not be redacted.
+				assert.False(t, hasExpiration)
 			})
 		},
 	} {