Hi Vamshi, >From your configuration I'm guessing that you're using Amazon S3 (not any implementation such as Minio).
Two comments: - *s3.endpoint* should not contain bucket (this is included in your s3 path, eg. *s3://<bucket>/<file>*) - "*s3.path.style.access*: true" is only correct for 3rd party implementation such as Minio / Swift, that have bucket definied in url path instead of subdomain You can find some information about connecting to s3 in Flink docs [1]. [1] https://ci.apache.org/projects/flink/flink-docs-release-1.13/docs/deployment/filesystems/s3/ Best, D. On Tue, Aug 10, 2021 at 2:37 AM Vamshi G <vgandr...@salesforce.com> wrote: > We are using Flink version 1.13.0 on Kubernetes. > For checkpointing we have configured fs.s3 flink-s3-fs-presto. > We have enabled sse on our buckets with kms cmk. > > flink-conf.yaml is configured as below. > s3.entropy.key: _entropy_ > s3.entropy.length: 4 > s3.path.style.access: true > s3.ssl.enabled: true > s3.sse.enabled: true > s3.sse.type: KMS > s3.sse.kms-key-id: <ARN of keyid> > s3.iam-role: <IAM role with read/write access to bucket> > s3.endpoint: <bucketname>.s3-us-west-2.amazonaws.com > s3.credentials-provider: > com.amazonaws.auth.profile.ProfileCredentialsProvider > > However, PUT operations on the bucket are resulting in access denied > error. Access policies for the role are checked and works fine when checked > with CLI. > Also, can't get to see debug logs from presto s3 lib, is there a way to > enable logger for presto airlift logging? > > Any inputs on above issue? > >
