From 488858e9190fad0801f9ffceb2ceebec6af44491 Mon Sep 17 00:00:00 2001
From: Nick Cabatoff <ncabatoff@hashicorp.com>
Date: Thu, 28 Jul 2022 09:43:24 -0400
Subject: [PATCH] Clone created entities that were inserted into memdb...
 (#16487)

* Clone created entities that were inserted into memdb to prevent possibility of data race.
---
 changelog/16487.txt     | 3 +++
 vault/identity_store.go | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)
 create mode 100644 changelog/16487.txt

diff --git a/changelog/16487.txt b/changelog/16487.txt
new file mode 100644
index 000000000..cbf2a2a58
--- /dev/null
+++ b/changelog/16487.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+identity: Prevent possibility of data races on entity creation.
+```
diff --git a/vault/identity_store.go b/vault/identity_store.go
index 8114d1e92..506553f75 100644
--- a/vault/identity_store.go
+++ b/vault/identity_store.go
@@ -1094,7 +1094,7 @@ func (i *IdentityStore) CreateEntity(ctx context.Context) (*identity.Entity, err
 			nsLabel,
 		})
 
-	return entity, nil
+	return entity.Clone()
 }
 
 // CreateOrFetchEntity creates a new entity. This is used by core to