kube2iam icon indicating copy to clipboard operation
kube2iam copied to clipboard

Published 20 hours ago verified publisher icon jtblin

Ec2 Metadata updgrade from imdSV1 to imdSV2 causes 403 and 401 error- kube2iam

Open ContraBoy9999 opened this issue 2 years ago • 1 comments

Hi All, I recently updated my ec2 instances to use imdSV2 but had to rollback because of the following issue:

It looks like after i did the upgrade my init containers started failing and i saw the following in the logs:

time="2022-01-11T14:25:01Z" level=info msg="PUT /latest/api/token (403) took 0.753220 ms" req.method=PUT req.path=/latest/api/token req.remote=XXXXX res.duration=0.75322 res.status=403 time="2022-01-11T14:25:37Z" level=error msg="Error getting instance id, got status: 401 Unauthorized"

We are using Kube2iam for the same. Any advice what changes need to be done on the Kube2iam side to support imdSV2? Below is some info from my kube2iam daemonset: EKS =1.21 image = "jtblin/kube2iam:0.10.9"

ContraBoy9999 avatar Aug 17 '22 18:08 ContraBoy9999

This seems to be a duplicate of https://github.com/jtblin/kube2iam/issues/339

And there also appears to already be an outstanding Pull Request, that has been open for almost a year now: https://github.com/jtblin/kube2iam/pull/344

volkert-fastned avatar Jul 17 '23 16:07 volkert-fastned