no EC2 IMDS role found, operation error ec2imds: GetMetadata, canceled, context deadline exceeded

[matanbaruch]

What happened?

Getting this error on pulumi up

    Error: invocation of aws:lb/getLoadBalancer:getLoadBalancer returned an error: 1 error occurred:
    	* error configuring Terraform AWS Provider: no valid credential sources for Terraform AWS Provider found.
    
    Please see https://registry.terraform.io/providers/hashicorp/aws
    for more information about providing credentials.
    
    Error: no EC2 IMDS role found, operation error ec2imds: GetMetadata, canceled, context deadline exceeded

Steps to reproduce

Running Automation API on a Container inside AWS ECS Task The ECS Task have Administrative privileges.

Expected Behavior

The EC2 IMDS role does exists since all other resources are able to create

Actual Behavior

aws:lb/getLoadBalancer:getLoadBalancer is unable to fetch the LoadBalancer since it cannot find the AWS Creds

Versions used

CLI Version 3.30.0 Go Version go1.17.9 Go Compiler gc

Host OS alpine Version 3.15.4 Arch x86_64

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

[stack72]

Hi @matanbaruch

Please can you let me know what version of pulumi-aws that you are using?

Paul

[MitchellGerdisch]

This is happening with AWS provider v5.10.0

[stack72]

@MitchellGerdisch can you try with aws:skipCredentialsValidation true set as part of your provider config?

[stack72]

Hi @matanbaruch

Please can you let me know if this helped?

Paul

[matanbaruch]

Hey, We fixed it by adding role to the ECS Task Definition. Apparently it does not know how to handle ECS Task with IAM permission on the running EC2 node.