Clowder 1.22 is not able to use the AWS Instance Role for accessing S3 bucket

clowder-framework / clowder

A data management system that allows users to share, annotate, organize and analyze large collections of datasets. It provides support for extensible metadata annotation using JSON-LD and a distribute analytics event bus for automatic curation of uploaded data.

https://clowderframework.org/

University of Illinois/NCSA Open Source License

36 stars 17 forks source link

Clowder 1.22 is not able to use the AWS Instance Role for accessing S3 bucket #431

Open adkinsn opened 11 months ago

adkinsn commented 11 months ago

Clowder 1.22 is not able to use the AWS Instance Role for accessing S3 bucket. It works when we provide IAM Key and Secret key. When we remove the IAM key, we are getting access denied error. We have confirmed that the role has necessary permissions and we have tested the permission by running AWS CLI commands on the EC2 instance. Can we have a working session to make sure that it is not a config issue? We suspect that AWS SDK need to be updated.

lmarini commented 11 months ago

@adkinsn do you see any errors in the logs of the clowder container when uploading new files? Did this work before?

lmarini commented 11 months ago

@adkinsn we don't support roles in our current S3 implementation. We will take a look to see how easy it would be to implement.