Even after #270 we have experienced 403s from the metadata service while
using the AWS VPC CNI with any pods not using host networking. This
indicated that while the PUT requests for tokens were now working
correctly, the subsequent GET requests still had the X-Forwarded-For
header which AWS rejects with a 403.
Coverage remained the same at 19.481% when pulling bd376a1ae7c507c8f883d8285d09213d0f461cef on o11n:imdsv2 into ccdaac8d59e95a64b67ae055b4b963386c32fad8 on jtblin:master.
Even after #270 we have experienced 403s from the metadata service while using the AWS VPC CNI with any pods not using host networking. This indicated that while the PUT requests for tokens were now working correctly, the subsequent GET requests still had the
X-Forwarded-For
header which AWS rejects with a 403.