Hi Vignesh, 403 status code makes this look like an authorization issue. > * Some digging into the presto configs and I had this one turned off topresto.s3.use-instance-credentials: "false". (Is this right?)*
>From the document[1], it is recommended that set hive. *s3.use-instance-credentials* to *true* and use IAM Roles for *EC2* to govern access to S3. Maybe you can try the following two ways: 1) Set *s3.use-instance-credentials* to *true *and use IAM roles. 2) Or set hive.s3.aws-access-key and hive.s3.aws-secret-key directly. [1]https://prestodb.io/docs/current/connector/hive.html#s3-credentials Best, Yanfei Vignesh Kumar Kathiresan via user <user@flink.apache.org> 于2022年10月18日周二 03:48写道: > Hello all, > > I am trying to achieve flink application checkpointing to s3 using the > recommended presto s3 filesystem plugin. > My application is deployed in a kubernetes cluster (EKS) in flink > application mode. > > When I start the application I am getting a forbidden 403 response > > ```Caused by: > com.facebook.presto.hive.s3.PrestoS3FileSystem$UnrecoverableS3OperationException: > com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden (Service: > Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: ; > Proxy: null) Path: s3p://bucket/checkpoint_dir/xxx/chk-2/yyy) > at > com.facebook.presto.hive.s3.PrestoS3FileSystem.lambda$getS3ObjectMetadata$5(PrestoS3FileSystem.java:677) > ~[?:?] > at com.facebook.presto.hive.RetryDriver.run(RetryDriver.java:139) > ~[?:?]``` > > So far I have > 1) the IAM role attached to the service account has been given full s3 > access. > 2) the config for checkpointing as > state.checkpoints.dir: s3p://BUCKET_NAME/checkpoints (tried with s3:// > also) > 3) Some digging into the presto configs and I had this one turned off too > presto.s3.use-instance-credentials: "false". (Is this right?) > > Is there something I am missing(some other config to be set?) for this > checkpointing access. > > P.S we have other application level access to s3 working fine > > Thanks, > Vignesh >
