You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the case of a storage config using an IAM Role, we send a default config file to each data node thus not setting the required permissions on a data node to allow backup/restores to work. We should do something similar to curl http://169.254.169.254/latest/meta-data/iam/security-credentials/<ROLE_NAME> to retrieve AccessKeyId and SecretAccessKey and set this in the config so that the data nodes inherit the required IAM permissions to access S3.
The text was updated successfully, but these errors were encountered:
daniel-yb
changed the title
Retrieve IAM Intance Profile Credentials from Yugaware Machine for Backups
Retrieve IAM Instance Profile Credentials from Yugaware Machine for Backups
Jun 26, 2020
…chine for Backups #4900
Summary:
Pass along the ec2 instance profile credentials from yugaware to nodes if storage config is
using IAM role instead of explicitly providing access_key and secret_key
Test Plan:
Use IAM Role S3 storage config -> backup/restore should work without attaching any other
roles to nodes
Reviewers: ram, andrew, bogdan, wesley
Reviewed By: wesley
Subscribers: jenkins-bot, rao, yugaware
Differential Revision: https://phabricator.dev.yugabyte.com/D8760
…chine for Backups #4900
Summary:
Pass along the ec2 instance profile credentials from yugaware to nodes if storage config is
using IAM role instead of explicitly providing access_key and secret_key
Test Plan:
Use IAM Role S3 storage config -> backup/restore should work without attaching any other
roles to nodes
Reviewers: ram, andrew, bogdan, wesley
Reviewed By: wesley
Subscribers: jenkins-bot, rao, yugaware
Differential Revision: https://phabricator.dev.yugabyte.com/D8760
…chine for Backups #4900
Summary:
Pass along the ec2 instance profile credentials from yugaware to nodes if storage config is
using IAM role instead of explicitly providing access_key and secret_key
Test Plan:
Use IAM Role S3 storage config -> backup/restore should work without attaching any other
roles to nodes
Reviewers: ram, andrew, bogdan, wesley
Reviewed By: wesley
Subscribers: jenkins-bot, rao, yugaware
Differential Revision: https://phabricator.dev.yugabyte.com/D8760
In the case of a storage config using an IAM Role, we send a default config file to each data node thus not setting the required permissions on a data node to allow backup/restores to work. We should do something similar to
curl http://169.254.169.254/latest/meta-data/iam/security-credentials/<ROLE_NAME>
to retrieveAccessKeyId
andSecretAccessKey
and set this in the config so that the data nodes inherit the required IAM permissions to access S3.The text was updated successfully, but these errors were encountered: