Hello all, I am trying to achieve flink application checkpointing to s3 using the recommended presto s3 filesystem plugin. My application is deployed in a kubernetes cluster (EKS) in flink application mode.
When I start the application I am getting a forbidden 403 response ```Caused by: com.facebook.presto.hive.s3.PrestoS3FileSystem$UnrecoverableS3OperationException: com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: ; Proxy: null) Path: s3p://bucket/checkpoint_dir/xxx/chk-2/yyy) at com.facebook.presto.hive.s3.PrestoS3FileSystem.lambda$getS3ObjectMetadata$5(PrestoS3FileSystem.java:677) ~[?:?] at com.facebook.presto.hive.RetryDriver.run(RetryDriver.java:139) ~[?:?]``` So far I have 1) the IAM role attached to the service account has been given full s3 access. 2) the config for checkpointing as state.checkpoints.dir: s3p://BUCKET_NAME/checkpoints (tried with s3:// also) 3) Some digging into the presto configs and I had this one turned off too presto.s3.use-instance-credentials: "false". (Is this right?) Is there something I am missing(some other config to be set?) for this checkpointing access. P.S we have other application level access to s3 working fine Thanks, Vignesh
