acceptable-salesclerk-36214
11/16/2023, 6:40 PM@task(
container_image="<http://ghcr.io/flyteorg/flytekit:py3.10-1.10.1b0|ghcr.io/flyteorg/flytekit:py3.10-1.10.1b0>",
environment={
"AWS_ACCESS_KEY_ID": "some-value"
"AWS_SECRET_ACCESS_KEY": "some-value",
"AWS_DEFAULT_REGION": "some-value"
}
)
def consume() -> None:
f = FlyteFile("<s3://some-s3/file|s3://some-s3/file>")
f.download() # fails here
# in the `user_script.sh` I want to do some manipulations with
# the file downloaded to the local filesystem
subprocess.run(["./user_script.sh"])
I'm getting the following error when calling `f.download()`:
packages/flytekit/types/file/file.py\", line 209, in __fspath__\n self._downloader()\n File \"/usr/local/lib/python3.10/site-packages/flytekit/types/file/file.py\", line 434, in _downloader\n return ctx.file_access.get_data(uri, local_path, is_multipart=False)\n File \"/usr/local/lib/python3.10/site-packages/flytekit/core/data_persistence.py\", line 467, in get_data\n raise FlyteAssertion(\n\nMessage:\n\n Failed to get data from <s3://some-s3/file|s3://some-s3/file> to /tmp/flyteslc48j5z/local_flytekit/0d47388e2e9630d969bb337a5dfb83ac/file (recursive=False).\n\nOriginal exception: Access Denied.\n\nUser error."}
{"asctime": "2023-11-16 05:33:31,327", "name": "flytekit.entrypoint", "levelname": "ERROR", "message": "!! End Error Captured by Flyte !!"}
I'm able to download the same file using the same credentials with aws cli. Also my workflow works fine when I run it with pyflyte on a local machine and not a demo cluster. What might be the problem here?glamorous-carpet-83516
11/16/2023, 7:24 PMacceptable-salesclerk-36214
11/16/2023, 9:00 PMContainers:
f194f319452404a1b9ac-n1-0-0:
Container ID: <containerd://7b1698bd4e79be0727fc4bb71fa2c1353b7b53b3e278f1f639d99243f37053a>b
Image: <http://ghcr.io/flyteorg/flytekit:py3.10-1.10.1b0|ghcr.io/flyteorg/flytekit:py3.10-1.10.1b0>
Image ID: <http://docker.io/ghcr.io/flyteorg/flytekit@sha256:a8006be3e778208d964fefbd0a880909aca1295881938401e62798cb770c5fb5|docker.io/ghcr.io/flyteorg/flytekit@sha256:a8006be3e778208d964fefbd0a880909aca1295881938401e62798cb770c5fb5>
Port: <none>
Host Port: <none>
Args:
pyflyte-fast-execute
--additional-distribution
<s3://my-s3-bucket/flytesnacks/development/ESI3LPXXDLUQA66NHZECMRPDBM======/script_mode.tar.gz>
--dest-dir
/root
--
pyflyte-map-execute
--inputs
<s3://my-s3-bucket/metadata/propeller/flytesnacks-development-f194f319452404a1b9ac/n1/data/inputs.pb>
--output-prefix
<s3://my-s3-bucket/metadata/propeller/flytesnacks-development-f194f319452404a1b9ac/n1/data/0>
--raw-output-data-prefix
<s3://my-s3-bucket/data/4b/f194f319452404a1b9ac-n1-0/0/0>
--checkpoint-path
<s3://my-s3-bucket/data/4b/f194f319452404a1b9ac-n1-0/0/0/_flytecheckpoints>
--prev-checkpoint
""
--resolver
MapTaskResolver
--
vars
resolver
flytekit.core.python_auto_container.default_task_resolver
task-module
fastqc2
task-name
consume4
Environment:
AWS_ACCESS_KEY_ID: redacted
AWS_SECRET_ACCESS_KEY: redacted
AWS_DEFAULT_REGION: us-east-1
glamorous-carpet-83516
11/16/2023, 10:22 PMacceptable-salesclerk-36214
11/17/2023, 1:14 AM~/.flyte/config-sandbox.yaml
admin:
# For GRPC endpoints you might want to use dns:///flyte.myexample.com
endpoint: localhost:30080
authType: Pkce
insecure: true
console:
endpoint: <http://localhost:30080>
logger:
show-source: true
level: 0
acceptable-salesclerk-36214
11/17/2023, 1:18 AMglamorous-carpet-83516
11/17/2023, 1:24 AMacceptable-salesclerk-36214
11/17/2023, 2:46 AM- FLYTE_AWS_ACCESS_KEY_ID: minio
- FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage
If I just append my aws creds like this
default-env-vars:
- FLYTE_AWS_ENDPOINT: <http://flyte-sandbox-minio.flyte:9000>
- FLYTE_AWS_ACCESS_KEY_ID: minio
- FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage
- AWS_ACCESS_KEY_ID: redacted
- AWS_SECRET_ACCESS_KEY: redacted
then I still get access denied when trying to download file from awsacceptable-salesclerk-36214
11/17/2023, 3:37 AMglamorous-carpet-83516
11/17/2023, 3:39 AMacceptable-salesclerk-36214
11/17/2023, 3:42 AMacceptable-salesclerk-36214
11/17/2023, 3:46 AMthankful-minister-83577
thankful-minister-83577
thankful-minister-83577
acceptable-salesclerk-36214
11/17/2023, 12:23 PMthankful-minister-83577
thankful-minister-83577
acceptable-salesclerk-36214
11/17/2023, 12:34 PM