Hi Swagat, I’ve used kube2iam[1] for granting AWS access to Flink pods in the past with good results. It’s all based on mapping pod annotations to AWS IAM roles. Is this something that might work for you?
Best, Austin [1]: https://github.com/jtblin/kube2iam On Sat, Apr 3, 2021 at 10:40 AM Swagat Mishra <swaga...@gmail.com> wrote: > No we are running on aws. The mechanisms supported by flink to connect to > resources like S3, need us to make changes that will impact all services, > something that we don't want to do. So providing the aws secret key ID and > passcode upfront or iam rules where it connects by executing curl/ http > calls to connect to S3 , don't work for me. > > I want to be able to connect to S3, using aws Api's and if that connection > can be leveraged by the presto library, that is what I am looking for. > > Regards, > Swagat > > > On Sat, Apr 3, 2021, 7:37 PM Israel Ekpo <israele...@gmail.com> wrote: > >> Are you running on Azure Kubernetes Service. >> >> You should be able to do it because the identity can be mapped to the >> labels of the pods not necessary Flink. >> >> On Sat, Apr 3, 2021 at 6:31 AM Swagat Mishra <swaga...@gmail.com> wrote: >> >>> Hi, >>> >>> I think flink doesn't support pod identity, any plans tk achieve it in >>> any subsequent release. >>> >>> Regards, >>> Swagat >>> >>> >>>
