Closed gastoncan closed 1 year ago
Thanks for opening this issue. I think this is a bug introduced with the naming standardization where we decided to name cluster scoped IAMPolicy
to XIAMPolicy
and namespaced scoped to just IAMPolicy
. Because of that, we are trying to create claims, not composite resources.
If you change reference to IAMPolicy
to XIAMPolicy
in the composition, it should get created correctly.
That is, in this composition, replace every occurrence of IAMPolicy
to XIAMPolicy
.
I will have to fix this.
Hi @nabuskey . Thanks for the fast feedback, really appreciate your inputs. The namespace warning are gone, yey!
X
to IAMPolicy
in the iam-policy/s3-read.yaml
and iam-policy/s3-write.yaml
files:
name: read-s3.iampolicy.awsblueprints.io
--> name: read-s3.xiampolicy.awsblueprints.io
and
kind: IAMPolicy
--> kind: XIAMPolicy
name: write-s3.iampolicy.awsblueprints.io
--> name: write-s3.xiampolicy.awsblueprints.io
and
kind: IAMPolicy
--> kind: XIAMPolicy
API Version: iam.aws.crossplane.io/v1beta1
kind: Role
resource:
create failed: failed to create the Role resource: api error ValidationError: 1 validation error detected: Value '''' at ''permissionsBoundary'' failed to satisfy constraint: Member must have length greater than or equal to 20.
To workaround it I just commented the patch:
- type: FromCompositeFieldPath
fromFieldPath: spec.permissionsBoundaryArn
toFieldPath: spec.forProvider.permissionsBoundary
From the example EMRContainer
looks like the permissionsBoundaryArn
is optional, but I did not manage to run the example without it.
jobParams
:
Note that the region provided in the jobParams.sparkEntryPoint
must be the same as the region where you are running the example, otherwise my pods failed with "S3 list permission denied" error. It worth to add a short note on the example to avoid people struggling with it :)Again, thank you very much for your support and great job!
@gastoncan Thank you very much for sharing detailed explanation on what you did to fix it. I've opened a PR to fix it.
Please describe your question here
I am trying the
emr-on-eks
composition example from thecrossplane-on-eks
library. MyEMRContainer
(for EMR job-run) resource status issynced
but notready
.The question is, why is my EMR job resource not being created?
Taking a look a the
XEMRContainer
resource, I see the following events, describing 2 kinds of different errors:I created the
EMRContainer
for virtual cluster successfully, but the job-run resource fail with the above errors.This is the XR for the jobs creation:
Provide link to the example related to the question
https://github.com/awslabs/crossplane-on-eks/blob/main/examples/aws-provider/composite-resources/emr-on-eks/job-run.yaml
Additional context
I installed crossplane
latest
with AWS provider packagexpkg.upbound.io/crossplane-contrib/provider-aws:v0.37.1
.Is that possible that the latests commits in the compositions are affecting the stability of the examples? https://github.com/awslabs/crossplane-on-eks/commit/9719c583232b5da4373ab98ee0dabfb0a2a8e090
More