IMDSv2 (instance metadata service) is a new, more secure mechanism to get instance metadata from an EC2 instance: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-metadata-v2-how-it-works.html. Unlike IMDSv1 which is just an endpoint that returns metadata from a GET request, v2 is a session-based protocol that requires creating a token, then using it to read the metadata.

Rusoto does not support v2 (rusoto/rusoto#1818) and is unlikely to, given that it is in maintenance mode.

A couple of possible options:

• We can extend rusoto with support (like https://gist.github.com/DarrenTsung/d172dbd32690012853e9ede3e4633069)
• Implement this ourselves without rusoto (this is the path arrow-rs took previously: https://github.com/apache/arrow-rs/pull/2352/files)
• We can move to the official AWS SDK for authentication (we currently only use rusoto for profile management/authentication, not for actually interacting with services), like vector: vectordotdev/vector#6847

We should think about moving to official AWS SDK for Rust, not sure about the reliability though