Ability to load data in a private s3 bucket via kubernetes service account

Aidbox / Issues

Issue tracker for Aidbox FHIR backend by Health Samurai

7 stars 0 forks source link

Ability to load data in a private s3 bucket via kubernetes service account #567

Open richard-keebler opened 11 months ago

richard-keebler commented 11 months ago

Problem I need to solve

The ability to load data in a private s3 bucket via kubernetes service account, see https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html

Solution I see

See https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html

Nesmeshnoy commented 8 months ago

@richard-keebler could you specify severity for you?

richard-keebler commented 8 months ago

@Nesmeshnoy I wouldn't say its a high severity, we're working around this by using signed urls. This would just allow us to not have to create those and then in turn allow us to enforce via IAM permissions proper access to objects in a bucket.