/chart - singleuser.extraAnnotations doesn't work role with aws

Bug description

I can’t connect to my s3 bucket using my role in extraAnnotations.


  events: true
    iam.amazonaws.com/role: my-role
    hub.jupyter.org/network-access-hub: "true"

The annotation is created in the pod, but through the terminal, I can’t list my buckets.

Previous versions worked. Latest version does not work either.

If I upload a POD with any image manually using this annotation, I have access to AWS without credentials using my role. Only with chart does not work.

Expected behaviour

When adding role, it should be possible to connect to aws using awscli in notebook.

Actual behaviour

Prompts for credentials and no communication with kube2iam takes place.

Unable to locate credentials. You can configure credentials by running "aws configure".

How to reproduce

Add role in singleuser notes and try to access AWS.

Your personal set up

EKS 1.17
CHART 0.11.1
APP 1.3.0

Hi! Could you show us your full Z2JH configuration, with secrets redacted?

Hi guys!
I just found the solution.

It is necessary to disable singleuser.cloudMetadata (false)
That way singleuser annotations can communicate with AWS, and my aws s3 ls worked

Thanks for listening