Richard Hillmann

There seems to be similar problems within the SDKs, https://github.com/aws/aws-sdk-go/issues/2972. There is an interesting link to an [AWS blog entry about the new IMDSv2](https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service/ ). > With IMDSv2, setting the...

@rbvigilante I just tested it within a container, but i was not able to reproduce the 502 which appears randomly in the logs. `while sleep 0.1; do curl -X PUT...

Why not just making the ignored folder configurable?

Does anyone have a update on this? After almost two years i cannot see that it has been solved natively yet.

I wonder if finalizers would solve this problem nicely here :thinking:

@estahn is something missing here?

We just faced the same issue yesterday, turned out the certificate had wrong dns names (subjet alternative names) what did not match the webhook url (we use cert manager btw)....

From the docs it is not really clear to me if the pod identity feature is gonna work in a cross-account scenario. Did someone test it already or can give...

Looks like time is running out, did someone test existing action already with node20? > Following on from our [warning in workflows using Node16](https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/) we will start enforcing the use...

For clusters using **traefik** proxy as ingress it might be worth looking also into the entrypoint lifecycle feature to control graceful shutdowns https://doc.traefik.io/traefik/routing/entrypoints/#lifecycle. At least in this case it avoids...