NoCredentialProviders: no valid providers in chain. IMDSV2 issue. #3666
Labels
triage/needs-information
Indicates an issue needs more information in order to work on it.
Comments
|
Yes setting up IRSA for controller will work in this case. Please follow this doc to create one for your controller. |
shraddhabang
added
triage/needs-information
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Kubernetes version 1.29.
AWS LB controller version: 2.7.2
Masters set to Hop limit 3 token required. Worker nodes set to Hop Limit 1 token required,
Went to create a LB and got
2024-04-26T14:31:17Z","msg":"Reconciler error","controller":"ingress","object":{"name":"msa-grafana","namespace":"monitoring"},"namespace":"xxxx,"name":"xxxx","reconcileID":"ff76216b-0df8-495d-8777-f69e2aa26e32","error":"NoCredentialProviders: no valid providers in chain. Deprecated.\n\tFor verbose messaging see aws.Config.CredentialsChainVerboseErrors"}
Which means I either have to put it on a master node or change my worker nodes to a hop limit of 3 (if set to 2 I get the same error) This kind of compromises security a touch as we might be forced to set it to 1 and I really don;t want to install it on my masters if I can avoid it.
Does this work with service account linked to an IAM role if I annotate the service account ?
The text was updated successfully, but these errors were encountered: