'Unable to lookup role in URI' error when starting new Confluence/Synchrony node in AWS
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Problem
New nodes of Confluence/Synchrony fail to start in AWS.
The following appears in the atlassian-confluence.log or atlassian-synchrony.log, depending on where the issue is:
[127.0.0.1]:5701 [Confluence-Synchrony] [3.7.4] Unable to lookup role in URI: http://127.0.0.1/latest/meta-data/iam/security-credentials/
com.hazelcast.config.InvalidConfigurationException: Unable to lookup role in URI: http://127.0.0.1/latest/meta-data/iam/security-credentials/
at com.hazelcast.aws.impl.DescribeInstances.retrieveRoleFromURI(DescribeInstances.java:145)
at com.hazelcast.aws.impl.DescribeInstances.tryGetDefaultIamRole(DescribeInstances.java:171)
at com.hazelcast.aws.impl.DescribeInstances.checkKeysFromIamRoles(DescribeInstances.java:91)
at com.hazelcast.aws.impl.DescribeInstances.<init>(DescribeInstances.java:65)
at com.hazelcast.aws.AWSClient.getPrivateIpAddresses(AWSClient.java:47)
...
Caused by: java.io.FileNotFoundException: http://127.0.0.1/latest/meta-data/iam/security-credentials/
Diagnosis
Environment
- Running Confluence or Synchrony in AWS
- Using AWS for node discovery
Cause
There is an issue with the IAM role configuration in AWS. In this example, there was no profile assigned to that role or the role name is incorrect.
Resolution
Ensure the IAM role is created properly and that a profile is associated with that role: Using an IAM Role to Grant Permissions to Applications Running on Amazon EC2 Instances.