Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

EC2 instance metadat credentials initial delay

0

We make use of EC2 instance profiles to grant iam rights to our instances. This works fine. However when we use the cli or powershell within the instance the first call to an AWS service has a long delay, frequently around 30 seconds. Subsequent calls to other APIs are almost instant.

Does anyone else see a delay on initial credentials retrieval? If not, what kind of response do you get for the first call?

The delay is not specific to any AWS API. It could be practically any AWS cli command.

Any ideas on how I could reduce this delay or how I could troubleshoot further to find the specific call?

Many thanks

Argomenti
Gestione e amministrazioneComputazionali
Tag
Interfaccia a riga di comando AWSAmazon EC2
Lingua
English
Nobbydoe
posta 2 anni fa308 visualizzazioni
1 Risposta
0

There are a couple of things I would check:

  • Make sure you're using the latest version of the AWS CLI
  • Verify this only happens with calls out to the AWS API and not any other network calls (i.e. via curl)
  • Monitor your CloudTrail for the target account for failed login attempts. It could be that the CLI is trying to authenticate with a stale set of credentials stored in the credentials file or an environment variable, and falling back to the IAM profile role.
  • Monitor your VPC Flow Logs to see exactly where/when the slow-down is occurring.
  • Ensure proper configuration and routing to your NAT gateways and/or transit networks
profile pictureAWS
Michael_B
con risposta 2 anni fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente