Aws No Credential Provider - Teleport

No credential providers error

If you see the error NoCredentialProviders: no valid providers in chain in {{service}} Service logs then Teleport is not detecting the required credentials to connect via AWS IAM permissions. Check whether the credentials or security role has been applied in the machine running the Teleport {{service}} Service.

When running on EKS, this error may occur if the Teleport {{service}} Service cannot access IMDSv2 when the PUT requests hop limit on the worker node instance is set to 1. You can use the following commands to check the hop limit:

code

$ aws ec2 describe-instances --instance-ids <node-instance-id> | grep HttpPutResponseHopLimit
                        "HttpPutResponseHopLimit": 1,

See IMDSv2 support for EKS and EKS best practices for more details.