kube2iam
kube2iam copied to clipboard
kube2iam IMDSv2 support
Hello, I'm trying to use IMDSv2 with kube2iam (version 0.10.11). When I change instance metadata to force only IMDSv2 usage (with AWS-CLI), kube2iam throws error:
time="2020-09-28T08:23:23Z" level=error msg="Error getting instance id, got status: 401 Unauthorized" time="2020-09-28T08:23:23Z" level=info msg="Listening on port 8181"
and restarts, getting into crashLoopbackOff. When I revert, with support to IMDSv2 and v1, kube2iam starts to work. What should I do to benefit from IMDSv2?
Kind regards, mimek
Hi,
Am also getting the same error, when I change instance metadata to IMDSv2. Do we have any solution or workaround on this?
so I hit the same problem few days ago, decided to go with the native EKS solution instead (assuming you guys are using the managed k8s) - Introducing fine-grained IAM roles for service accounts
https://github.com/jtblin/kube2iam/pull/344 was merged so this one can be closed