Roberto Ruiz
05/18/2022, 8:27 PMflytectl register examples -d development -p flytesnacks
I'm getting:
Error: example 0xc0006ae770 failed to register rpc error: code = Internal desc = failed to write marshaled workflow [resource_type:WORKFLOW project:"flytesnacks" domain:"development" name:"blast.blastx_example.blast_wf" version:"v0.3.81" ] to storage <s3://flyte-cluster-bucket/metadata/admin/flytesnacks/development/blast.blastx_example.blast_wf/v0.3.81> with err Failed to write data [3170b] to path [metadata/admin/flytesnacks/development/blast.blastx_example.blast_wf/v0.3.81].: PutObject, putting object: WebIdentityErr: failed to retrieve credentials
caused by: ValidationError: Request ARN is invalid
But I can't seem to find which ARN this error is referring tokatrina
Roberto Ruiz
05/18/2022, 9:27 PMstorage:
type: s3
connection:
auth-type: iam
region: us-east-2
container: flyte-cluster-bucket
serviceAccount:
# -- If the service account is created by you, make this false, else a new service account will be created and the iam-role-flyte will be added
# you can change the name of this role
create: true
annotations:
<http://eks.amazonaws.com/role-arn|eks.amazonaws.com/role-arn>: arn:aws:iam::{{ .Values.userSettings.accountNumber }}:role/iam-role-flyte
The iam-role-flyte has AmazonS3FullAccesskatrina
<s3://flyte-cluster-bucket>
does the bucket itself have any specific policy?Roberto Ruiz
05/18/2022, 10:02 PMkatrina
Roberto Ruiz
05/23/2022, 2:35 PM{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Statement1",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:*",
"Resource": "arn:aws:s3:::flyte-cluster-bucket"
}
]
}
katrina
iam-role-flyte
have s3 put access?Roberto Ruiz
05/23/2022, 6:25 PMkatrina
Roberto Ruiz
05/23/2022, 6:26 PM"173113148371"
instead of 173113148371
katrina
Roberto Ruiz
05/23/2022, 7:49 PMkatrina