Using the CFN template based on 0.2.29, I did a CUDOS + TAO deploy, which completed okay. I then noticed errors in the access to the TA datasets. These manifested as data not being available to the dashboard and then, more specifically, S3 access errors when trying to examine the dataset. I traced this back to the new access role for the QS Data Source, for which only the CUR bucket was included in the allowed resources. Looking at the template, this appears to indicate an issue attaching both the CUR and ODC policies to the role. It may be that since both policies are named S3Access that there is a name collision. I will test that theory and to a fix/PR if that is the case.
iakov-aws
commented
11 months ago
Using the CFN template based on 0.2.29, I did a CUDOS + TAO deploy, which completed okay. I then noticed errors in the access to the TA datasets. These manifested as data not being available to the dashboard and then, more specifically, S3 access errors when trying to examine the dataset. I traced this back to the new access role for the QS Data Source, for which only the CUR bucket was included in the allowed resources. Looking at the template, this appears to indicate an issue attaching both the CUR and ODC policies to the role. It may be that since both policies are named S3Access that there is a name collision. I will test that theory and to a fix/PR if that is the case.