search

amazon-archives / k8s-cloudwatch-adapter

An implementation of Kubernetes Custom Metrics API for Amazon CloudWatch
Apache License 2.0
158 stars 98 forks source link

Not refreshing security token #32

Open turaleck opened 4 years ago

turaleck commented 4 years ago

After a few hours of running, the token expires, but it is not refreshed. I am setting the credentials via AWS_SHARED_CREDENTIALS_FILE environment variable.

E0507 16:17:46.926686       1 client.go:102] err: ExpiredToken: The security token included in the request is expired
    status code: 403, request id: d9a952e6-91dc-461c-b9b1-5182a45e304f
E0507 16:17:46.926709       1 provider_external.go:32] bad request: ExpiredToken: The security token included in the request is expired
    status code: 403, request id: d9a952e6-91dc-461c-b9b1-5182a45e304f

I would expect the adapter to handle the expired token by renewing it. I'm running chankh/k8s-cloudwatch-adapter:v0.8.0

chankh commented 4 years ago

Hi @turaleck, thanks for reporting this issue. May I know how are you assigning the credentials file? Is it from secrets or you generate that using an init container?

turaleck commented 4 years ago

Hi @chankh credentials file is from secret.