stackoom
  简体   繁体   中英

Expiration time of AWS EC2 instance profile credentials

 原文  2018-12-04 08:58:43       amazon-web-services/ amazon-ec2/ amazon-iam

Question

The official AWS documentation states that instance profile credentials "are temporary and would eventually expire" , and I was wondering how often they expire.

I'am asking because I have applications using an InstanceProfileCredentialsProvider as credential provider, which by default does not refresh credentials, running for days without problems.

1 answers

solution1
 2  2018-12-30 17:47:39

We have noticed from logging that the temporary credentials issued against an attached role last approximately 6 hours.

Does anyone know the mechanism of how they are refreshed, supposedly 15 minutes before they expire? Is the SSM service monitoring the expiration and asking for new credentials?

We are currently chasing down what appears to be an issue with the credentials not being refreshed after the EC2 instance has no activity on the overnight. Trying to determine whether app pool idle timeout or recycle interval is playing a hand.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to ask Terraform CLI to use AWS Shared Credentials not AWS EC2 instance profile of its host Reconfigure EC2 instance with AWS credentials Create EC2 instance by Ansible with aws credentials Credentials for multiple AWS accounts on EC2 instance Unable to load AWS credentials on EC2 Instance How to use instance profile credentials available on running ec2 instance? EC2 instances with same instance profile share credentials? AWS IAM Instance Profile to Administer EC2 Instances With that Profile aws ec2 instance - permission denied to write to ~/.aws/credentials AWS CLI: create EC2 instance and attach instance profile (unauthorized)
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM