k8s-cloudwatch-adapter icon indicating copy to clipboard operation
k8s-cloudwatch-adapter copied to clipboard
verified publisher icon amazon-archives

Not refreshing security token

Open turaleck opened this issue 5 years ago • 2 comments

After a few hours of running, the token expires, but it is not refreshed. I am setting the credentials via AWS_SHARED_CREDENTIALS_FILE environment variable.

E0507 16:17:46.926686       1 client.go:102] err: ExpiredToken: The security token included in the request is expired
	status code: 403, request id: d9a952e6-91dc-461c-b9b1-5182a45e304f
E0507 16:17:46.926709       1 provider_external.go:32] bad request: ExpiredToken: The security token included in the request is expired
	status code: 403, request id: d9a952e6-91dc-461c-b9b1-5182a45e304f

I would expect the adapter to handle the expired token by renewing it. I'm running chankh/k8s-cloudwatch-adapter:v0.8.0

turaleck avatar May 11 '20 13:05 turaleck

Hi @turaleck, thanks for reporting this issue. May I know how are you assigning the credentials file? Is it from secrets or you generate that using an init container?

chankh avatar May 15 '20 06:05 chankh

Hi @chankh credentials file is from secret.

turaleck avatar May 15 '20 14:05 turaleck