fix: do not return an error on expired credentials (#12057)

policy might have an associated mapping with an expired user key, do not return an error during DeletePolicy for such situations - proceed normally as its an expected situation.
2021-04-15 08:51:01 -07:00 · 2021-04-15 08:51:01 -07:00 · 36595eef92
parent 984066446a
commit 36595eef92
1 changed files with 4 additions and 2 deletions
--- a/cmd/iam.go
+++ b/cmd/iam.go
@ -672,8 +672,10 @@ func (sys *IAMSys) DeletePolicy(policyName string) error {
 		if pset.Contains(policyName) {
 			cr, ok := sys.iamUsersMap[u]
 			if !ok {
-				// This case cannot happen
-				return errNoSuchUser
+				// This case can happen when an temporary account
+				// is deleted or expired, removed it from userPolicyMap.
+				delete(sys.iamUserPolicyMap, u)
+				continue
 			}
 			pset.Remove(policyName)
 			// User is from STS if the cred are temporary