Description
We use a a reverse proxy in front of the ec2 metadata service ( github.com/jtblin/kube2iam ) on our kubernetes cluster to restrict certain namespaces to certain iam roles. It does this by intercepting the call, authenticating the source and making an STS AssumeRole call and passing the credentials back as if the metadata service returned it.
That STS call, of course, takes longer than just a raw call to the metadata service. This often means we get timeouts in our applications that do this.
I've dug through the documentation but haven't found a way to extend the timeout for metadata service calls. Can anyone point me to how I can do this? If it cannot be done consider this a feature request for same.
Expected Behavior
There should be a way for a user of the SDK to adjust the timeout for ec2 metadata service calls.
Current Behavior
We often see timeouts resulting in "Unable to locate credentials"
Possible Solution
Ability to set an env variable or set directly in code the timeout associated with these calls.
Steps to Reproduce (for bugs)
.. it's involved. But if you created a slimmed down similar proxy you could see the problem.
Context
Your Environment
- AWS Java SDK version used: 2.0.0-preview-11
- JDK version used: 8.x
- Operating System and version: linux/kubernetes/container