diff --git a/charts/karpenter/values.yaml b/charts/karpenter/values.yaml
index 2f297fd64de4..94f8dd060087 100644
--- a/charts/karpenter/values.yaml
+++ b/charts/karpenter/values.yaml
@@ -169,7 +169,7 @@ settings:
 # -- Role to assume for calling AWS services.
 assumeRoleARN: ""
 # -- Duration of assumed credentials in minutes. Default value is 15 minutes. Not used unless aws.assumeRoleARN set.
- assumeRoleDuration: ""
+ assumeRoleDuration: 15m
 # -- Cluster name.
 clusterName: ""
 # -- Cluster endpoint. If not set, will be discovered during startup (EKS only)
diff --git a/pkg/apis/settings/settings.go b/pkg/apis/settings/settings.go
index 9c1e9d5ebd19..0e89e9fd132b 100644
--- a/pkg/apis/settings/settings.go
+++ b/pkg/apis/settings/settings.go
@@ -24,9 +24,11 @@ import (
 "github.com/go-playground/validator/v10"
 "go.uber.org/multierr"
 v1 "k8s.io/api/core/v1"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 "knative.dev/pkg/apis"
 "knative.dev/pkg/configmap"
+ coresettings "github.com/aws/karpenter-core/pkg/apis/settings"
 "github.com/aws/karpenter/pkg/apis/v1alpha1"
 )
@@ -36,7 +38,7 @@ var ContextKey = settingsKeyType{}
 var defaultSettings = &Settings{
 AssumeRoleARN: "",
- AssumeRoleDuration: time.Duration(15) * time.Minute,
+ AssumeRoleDuration: &metav1.Duration{Duration: time.Minute * 15},
 ClusterName: "",
 ClusterEndpoint: "",
 DefaultInstanceProfile: "",
@@ -52,8 +54,8 @@ var defaultSettings = &Settings{
 // +k8s:deepcopy-gen=true
 type Settings struct {
 AssumeRoleARN string
- AssumeRoleDuration time.Duration `validate:"min=15m"`
- ClusterName string `validate:"required"`
+ AssumeRoleDuration *metav1.Duration `validate:"min=15m"`
+ ClusterName string `validate:"required"`
 ClusterEndpoint string
 DefaultInstanceProfile string
 EnablePodENI bool
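Review bot: In charts/karpenter/values.yaml the comment above `assumeRoleDuration` still describes the value as "in minutes", while the new default `15m` is a duration string. An operator who follows the comment and sets a bare number such as `30` would be supplying something the duration parser may reject or read differently. I would reword the comment to `# -- Duration of assumed credentials, as a duration string such as 15m. Default value is 15 minutes. Not used unless aws.assumeRoleARN set.`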
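Review bot: In the `Settings` struct hunk of pkg/apis/settings/settings.go, the `validate:"min=15m"` tag now sits on a `*metav1.Duration`, a pointer to a struct wrapper rather than a plain `time.Duration`. It is not evident from this diff that go-playground/validator still applies the duration comparison to that type; depending on the validator version, a tag on a struct-kind field may be skipped or rejected. Because this value sets the lifetime of the assumed-role credentials, I would make the bound explicit in the settings validation, for example `if s.AssumeRoleDuration != nil && s.AssumeRoleDuration.Duration < 15*time.Minute { ... }`. The two updated assertions in suite_test.go only cover accepted values (15 and 27 minutes), so a case that feeds a value below 15m and expects an error would pin the behaviour. The struct body continues outside the hunk.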
@@ -75,7 +77,7 @@ func (*Settings) Inject(ctx context.Context, cm *v1.ConfigMap) (context.Context,
 if err := configmap.Parse(cm.Data,
 configmap.AsString("aws.assumeRoleARN", &s.AssumeRoleARN),
- configmap.AsDuration("aws.assumeRoleDuration", &s.AssumeRoleDuration),
+ coresettings.AsMetaDuration("aws.assumeRoleDuration", &s.AssumeRoleDuration),
 configmap.AsString("aws.clusterName", &s.ClusterName),
 configmap.AsString("aws.clusterEndpoint", &s.ClusterEndpoint),
 configmap.AsString("aws.defaultInstanceProfile", &s.DefaultInstanceProfile),
diff --git a/pkg/apis/settings/suite_test.go b/pkg/apis/settings/suite_test.go
index 21a613e8edb9..df0f499aac5e 100644
--- a/pkg/apis/settings/suite_test.go
+++ b/pkg/apis/settings/suite_test.go
@@ -47,7 +47,7 @@ var _ = Describe("Validation", func() {
 Expect(err).ToNot(HaveOccurred())
 s := settings.FromContext(ctx)
 Expect(s.AssumeRoleARN).To(Equal(""))
- Expect(s.AssumeRoleDuration).To(Equal(time.Duration(15) * time.Minute))
+ Expect(s.AssumeRoleDuration.Duration).To(Equal(time.Duration(15) * time.Minute))
 Expect(s.DefaultInstanceProfile).To(Equal(""))
 Expect(s.EnablePodENI).To(BeFalse())
 Expect(s.EnableENILimitedPodDensity).To(BeTrue())
@@ -76,7 +76,7 @@ var _ = Describe("Validation", func() {
 Expect(err).ToNot(HaveOccurred())
 s := settings.FromContext(ctx)
 Expect(s.AssumeRoleARN).To(Equal("arn:aws:iam::111222333444:role/testrole"))
- Expect(s.AssumeRoleDuration).To(Equal(time.Duration(27) * time.Minute))
+ Expect(s.AssumeRoleDuration.Duration).To(Equal(time.Duration(27) * time.Minute))
 Expect(s.DefaultInstanceProfile).To(Equal("karpenter"))
 Expect(s.EnablePodENI).To(BeTrue())
 Expect(s.EnableENILimitedPodDensity).To(BeFalse())
diff --git a/pkg/apis/settings/zz_generated.deepcopy.go b/pkg/apis/settings/zz_generated.deepcopy.go
index 43eaa173bfe6..9135926a6935 100644
--- a/pkg/apis/settings/zz_generated.deepcopy.go
+++ b/pkg/apis/settings/zz_generated.deepcopy.go
@@ -19,11 +19,18 @@ limitations under the License. package settings -import () +import ( + "k8s.io/apimachinery/pkg/apis/meta/v1" +) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Settings) DeepCopyInto(out *Settings) { *out = *in + if in.AssumeRoleDuration != nil { + in, out := &in.AssumeRoleDuration, &out.AssumeRoleDuration + *out = new(v1.Duration) + **out = **in + } if in.Tags != nil { in, out := &in.Tags, &out.Tags *out = make(map[string]string, len(*in)) diff --git a/pkg/operator/operator.go b/pkg/operator/operator.go index b657410e8af3..d7864d12e11a 100644 --- a/pkg/operator/operator.go +++ b/pkg/operator/operator.go @@ -239,6 +239,6 @@ func kubeDNSIP(ctx context.Context, kubernetesInterface kubernetes.Interface) (n } func setDurationAndExpiry(ctx context.Context, provider *stscreds.AssumeRoleProvider) { - provider.Duration = settings.FromContext(ctx).AssumeRoleDuration + provider.Duration = settings.FromContext(ctx).AssumeRoleDuration.Duration provider.ExpiryWindow = time.Duration(10) * time.Second }
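Review bot: In pkg/operator/operator.go, `setDurationAndExpiry` dereferences `AssumeRoleDuration` without a nil check, although this commit turns the field into a pointer. The generated `DeepCopyInto` treats nil as a legal value, and the chart default before this commit was the empty string. If `coresettings.AsMetaDuration` (its body is not part of this diff) leaves or sets the pointer to nil for an empty or missing key, the operator would presumably panic while configuring its STS credentials. I would guard the read, `if d := settings.FromContext(ctx).AssumeRoleDuration; d != nil { provider.Duration = d.Duration }`, or have the settings validation reject a nil value so the failure is a clear configuration error.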