Alluxio on kubernetes(EKS) supports s3 connection without aws accessKey and secretKey? Is the s3 connection configurable with role arn alone? We are installing Alluxio on EKS using s3 as a underlaying storage layer. Alluxio cluster is up and running with s3 storage when configurations are done like below (Using aws aceess key and secret)
ALLUXIO_JAVA_OPTS: |--
Dalluxio.master.hostname=alluxio-master-0 -
Dalluxio.master.journal.type=UFS -
Dalluxio.master.journal.folder=/journal -
Dalluxio.security.stale.channel.purge.interval=365d -
Dalluxio.master.mount.table.root.ufs=s3://cubixalluxiodata/ -
Dalluxio.master.mount.table.root.option.aws.accessKeyId=AxxxxxxxxxxxxO -
Dalluxio.master.mount.table.root.option.aws.secretKey=DxxxxxxxxxxxxD*
However we are looking for approach to configure s3 storage for alluxio without accessKey/secretKey. But with a role arn based authentication alone. Please suggest on possibility of the approach.
looks to me you need to use AWS credential profile file (https://docs.alluxio.io/os/user/stable/en/ufs/S3.html#advanced-credentials-setup) to connect to S3. Possibly to setup your AWS instance profile file and share that file to your running image