You are viewing the documentation for an older major version of the AWS SDK for JavaScript.
The modular AWS SDK for JavaScript (v3), the latest major version of AWS SDK for JavaScript, is now stable and recommended for general use. For more information, see the Migration Guide and API Reference.

Class: AWS.EC2MetadataCredentials

AWS.Credentials show all
Defined in:



This feature is not supported in the browser environment of the SDK.

Represents credentials received from the metadata service on an EC2 instance.

By default, this class will connect to the metadata service using AWS.MetadataService and attempt to load any available credentials. If it can connect, and credentials are available, these will be used with zero configuration.

This credentials class will by default timeout after 1 second of inactivity and retry 3 times. If your requests to the EC2 metadata service are timing out, you can increase these values by configuring them directly:

AWS.config.credentials = new AWS.EC2MetadataCredentials({
  httpOptions: { timeout: 5000 }, // 5 second timeout
  maxRetries: 10, // retry 10 times
  retryDelayOptions: { base: 200 }, // see AWS.Config for information
  logger: console // see AWS.Config for information

If your requests are timing out in connecting to the metadata service, such as when testing on a development machine, you can use the connectTimeout option, specified in milliseconds, which also defaults to 1 second.

If the requests failed or returns expired credentials, it will extend the expiration of current credential, with a warning message. For more information, please go to:

Constructor Summary collapse

Property Summary collapse

Properties inherited from AWS.Credentials

expired, expireTime, accessKeyId, secretAccessKey, sessionToken, expiryWindow

Method Summary collapse

Methods inherited from AWS.Credentials

needsRefresh, get, getPromise, refreshPromise

Constructor Details

new AWS.EC2MetadataCredentials(options) ⇒ void

Property Details

originalExpirationObject (static, readwrite)

The original expiration of the current credential. In case of AWS outage, the EC2 metadata will extend expiration of the existing credential.

Default Value:

AWS.EC2MetadataCredentials.originalExpiration = undefined

Method Details

refresh(callback) ⇒ void

Loads the credentials from the instance metadata service

Callback (callback):

  • function(err) { ... }

    Called when the instance metadata service responds (or fails). When this callback is called with no error, it means that the credentials information has been loaded into the object (as the accessKeyId, secretAccessKey, and sessionToken properties).


    • err (Error)

      if an error occurred, this value will be filled

See Also:

  • AWS.EC2MetadataCredentials.get