Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

EC2 instance metadat credentials initial delay

0

We make use of EC2 instance profiles to grant iam rights to our instances. This works fine. However when we use the cli or powershell within the instance the first call to an AWS service has a long delay, frequently around 30 seconds. Subsequent calls to other APIs are almost instant.

Does anyone else see a delay on initial credentials retrieval? If not, what kind of response do you get for the first call?

The delay is not specific to any AWS API. It could be practically any AWS cli command.

Any ideas on how I could reduce this delay or how I could troubleshoot further to find the specific call?

Many thanks

Themen
Management & UnternehmensführungKalkulation
Tags
AWS BefehlszeilenschnittstelleAmazon EC2
Sprache
English
Nobbydoe
gefragt vor 2 Jahren308 Aufrufe
1 Antwort
0

There are a couple of things I would check:

  • Make sure you're using the latest version of the AWS CLI
  • Verify this only happens with calls out to the AWS API and not any other network calls (i.e. via curl)
  • Monitor your CloudTrail for the target account for failed login attempts. It could be that the CLI is trying to authenticate with a stale set of credentials stored in the credentials file or an environment variable, and falling back to the IAM profile role.
  • Monitor your VPC Flow Logs to see exactly where/when the slow-down is occurring.
  • Ensure proper configuration and routing to your NAT gateways and/or transit networks
profile pictureAWS
Michael_B
beantwortet vor 2 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt