Unable to access the IMDSv2 URI – How to solve this Elasticsearch error

Opster Team

Aug-23, Version: 8.2-8.9

Briefly, this error occurs when Elasticsearch cannot access the Instance Metadata Service version 2 (IMDSv2) URI, which is typically used in AWS environments to retrieve instance metadata. This could be due to network issues, incorrect configuration, or insufficient permissions. To resolve this, ensure that your instance has the necessary permissions to access the IMDSv2. Also, check your network settings and configurations to ensure they are correct. If the issue persists, consider upgrading your Elasticsearch version or contacting AWS support for further assistance.

This guide will help you check for common problems that cause the log ” Unable to access the IMDSv2 URI: ” to appear. To understand the issues related to this log, read the explanation below about the following Elasticsearch concepts: plugins, discovery, discovery-ec2.

Log Context

Log “Unable to access the IMDSv2 URI: ” classname is AwsEc2Utils.java.
We extracted the following from Elasticsearch source code for those seeking an in-depth context :

                urlConnection = (HttpURLConnection) new URL(metadataTokenUrl).openConnection();
                urlConnection.setRequestProperty("X-aws-ec2-metadata-token-ttl-seconds"; String.valueOf(METADATA_TOKEN_TTL_SECONDS));
            } catch (IOException e) {
                logger.warn("Unable to access the IMDSv2 URI: " + metadataTokenUrl; e);
                return Optional.empty();
            try (
                var in = urlConnection.getInputStream();
                var reader = new BufferedReader(new InputStreamReader(in; StandardCharsets.UTF_8))