Hello! I have a deployment up and running (mostly?...
# flyte-deployment
m
Hello! I have a deployment up and running (mostly?) in AWS right now. However, when I am trying to run something with
pyflyte
I am getting the following error:
Copy code
grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
        status = StatusCode.UNKNOWN
        details = "failed to create a signed url. Error: WebIdentityErr: failed to retrieve credentials
caused by: AccessDenied: Not authorized to perform sts:AssumeRoleWithWebIdentity
I have been double checking all the SAs and everything seems to be in order but obviously I am missing something. Any pointers would be appreciated!
r
m
Yeah, the trust relationships look right on
flyte-user-role
and
iam-role-flyte
The ODIC provider is also created in the cluster.
k
it has to be the role / service account for the FlyteAdmin pod
m
Thanks! I was wondering what SA was being used under the hood and I couldn't find it in the logs. I'll go double check that one.
Does it matter if I have it behind a route53 zone? I feel like it shouldn't…but better to ask.
k
It is fine ofcourse
254 Views