Open john-motif opened 7 months ago
@tolik0 - Not sure if you've got any suggestions for where to look here? (also, thank you for contributing this feature - our customers are super excited about it)
Just quickly checking - any updates on this?
Following up on this ticket one more time - I see the docs now label this feature as only available for users in a Sales Assist workflow.
Is this merely because troubleshooting the authentication setup for individual customers requires engineering knowledge (eg: is it still possible with an Open Source Airbyte deployment?), or is there actually different code running for those customers/are they on a managed instance?
I'm interested in this too. Is it possible to connect to S3 using IAM Roles in an open-source deployment? Or is this available only for customers on a managed instance? I've been trying to configure this on a local deployment, and I was running into the same issue as @john-motif.
I am seeing this issue as well. From what I can tell AWS_ASSUME_ROLE_EXTERNAL_ID
is not passed to the source-s3
container that is started. I was able to confirm that I do have the proper permissions set on the role and s3 bucket. I also confirmed that this is evaluating to None
and falling into the else
block.
Connector Name
source-s3
Connector Version
4.4.0
What step the error happened?
Configuring a new connector
Relevant information
I'm attempting to connect to an S3 bucket using the new IAM Role support per these instructions. see #33944
The S3 connector gets the credentials as expected, but fails to assume the role with the following error message:
botocore.exceptions.NoCredentialsError: Unable to locate credentials
I've already successfully tested/validated that the Secret Key/Access key ID approach works for this bucket and our Airbyte setup, but our customer strongly prefers the IAM role approach. I've also checked/verified that the expected value (our workspace ID) for
AWS_ASSUME_ROLE_EXTERNAL_ID
is being set on the environment of the container testing the S3 connection.Our
Policy
is formatted as such:And our
Trust Relationship
is formatted like so:Any recommendations on how to troubleshoot or investigate further would be hugely appreciated!
Relevant log output
Contribute