From 60316d22cbd5f52e55ad569110718c13d1c9ea6c Mon Sep 17 00:00:00 2001
From: James M Leddy <james.leddy@mongodb.com>
Date: Thu, 5 Dec 2024 14:58:20 -0500
Subject: [PATCH] aws: make sure to set io timeouts for ec2 provider

Signed-off-by: James M Leddy <james.leddy@mongodb.com>
---
 src/aws/flb_aws_credentials_ec2.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/aws/flb_aws_credentials_ec2.c b/src/aws/flb_aws_credentials_ec2.c
index 688d143f2d2..9a9c13740da 100644
--- a/src/aws/flb_aws_credentials_ec2.c
+++ b/src/aws/flb_aws_credentials_ec2.c
@@ -176,7 +176,19 @@ void upstream_set_fn_ec2(struct flb_aws_provider *provider,
     flb_debug("[aws_credentials] upstream_set called on the EC2 provider");
     /* Make sure TLS is set to false before setting upstream, then reset it */
     ins->use_tls = FLB_FALSE;
+
+    /* IMDSv2 token request will timeout if hops = 1 and running within container */
+    ins->net_setup.connect_timeout = FLB_AWS_IMDS_TIMEOUT;
+    ins->net_setup.io_timeout = FLB_AWS_IMDS_TIMEOUT;
+    ins->net_setup.keepalive = FLB_FALSE; /* On timeout, the connection is broken */
+
     flb_output_upstream_set(implementation->client->upstream, ins);
+
+    /* Reset */
+    ins->net_setup.keepalive = FLB_TRUE;
+    ins->net_setup.io_timeout = 0;
+    ins->net_setup.connect_timeout = 10;
+
     ins->use_tls = FLB_TRUE;
 }