amazon-web-services monitoring amazon-rds newrelic

What is the best way to manage rolling aws credentials to new relic?

My aws credentials are getting rotated for one of the roles. This url:

$ curl http://169.254.169.254/latest/meta-data/iam/security-credentials/newrelicrole

always gives me the latest credentials for newrelicrole role on aws, I want to be able to populate the environment with the updated access key and secret key to fill new relic plugin config

What is the best way to go about it, except running a cron job which fetches the response and repopulates the environment?

Solution

If you are scraping the metadata feed for keys and putting it in a static file, you're doing it wrong- those keys rotate every four hours.

If you look at line 26 in the plugin config, you'll see the answer. Enable this and disable the access/secret key configs.

  #Use the following line disable the key checks and enable usage of AWS instance metadata for setting keys
  use_aws_metadata: true

How to use MFA with AWS CLI?
How do I get the URL for the item using the Amazon API
How to make links work with exported sites when hosted on AWS Cloudfront?
Error launching CloudFormation Template for CloudHSM
Glacier as Resource in CloudFormation template?
how to secure keys for API calls from android device to amazon services
Why is this IAM policy denying access with an MFA session?
AWS Lambda Function Trigger API Gateway Issue
GetMyFeesEstimate API Amazon vba
AWS Cloudformation !Ref SecurityGroup returns an invalid ID
How to set up AWS Client VPN with Keycloak as IdP
How to view/identify which process taking how much memory?
using bottlenose in python to extract product price from Amazon in different locale
Unable to delete cfn stack, role is invalid or cannot be assumed
How to Set Up Account Linking for a Skill using Alexa API from Amazon?
GitHub actions "aws: not found" error on ubuntu-latest with Godot CI
Download file from S3 to Rails 4 app
Cloudfront (CDN) with Internal Application Load Balancer
Connecting private load balancer to cloud front distribution?
Request to Amazon API with delphi : Got HTTP/1.1 403 Forbidden
Amazon QuickSight Connects Over Internet Instead of VPC to Public Redshift Cluster
Shift Lambda infrastructure to ECS
IAM policy to allow EC2 instance API access only to modify itself
How to match these 2 tables?
What is the best way of getting files from AWS S3, inserting them into zip and uploading that zip to the bucket?
What does this mean? An error occurred (SignatureDoesNotMatch) when calling the GetCallerIdentity operation: Signature expired
AWS ElastiCache in cluster mode has no Primary / Reader endpoints
How to query: filtering on multiple primary partition keys and range on primary sort key
How can I get boto3 script to run as a Lambda function?
Testing AWS CDK Applications Locally