Please add support for AWS IRSA in PXB

General

Escalation

General

Escalation

Description

Currently only instance profile is supported when not specifically passing access key and secret key.

Running in AWS EKS makes this useless as the IAM role assumed for the backup will be of the node, which doesn’t allow for fine grained access control.

The standard in EKS is IRSA, and now the newly introduced

I believe it is an industry standard to follow the default AWS credentials provider chain, as can be seen

at for go. It is quite surprising to see such a great tool lacking this basic capability.

Environment

None

Activity

Show:

James Callahan September 18, 2024 at 1:40 AM

This appears to be a limitation with the minio mc client which is used over at e.g.

The mc client doesn’t appear to support AssumeRoleWithWebIdentity. Would you consider swapping to another client for talking to object storage?

Aaditya Dubey April 5, 2024 at 11:13 AM

Thank you for the report and feedback.

Details
Assignee
Unassigned
Reporter
Itiel Olenick
Needs QA
Yes
Needs Doc
Yes
Priority
Medium

Smart Checklist

Created April 4, 2024 at 3:23 PM

Updated September 18, 2024 at 1:40 AM

Configure

Please add support for AWS IRSA in PXB

Description

Environment

Activity

James Callahan September 18, 2024 at 1:40 AM

Aaditya Dubey April 5, 2024 at 11:13 AM

DetailsAssigneeUnassignedUnassignedReporterItiel OlenickItiel OlenickNeeds QAYesNeeds DocYesPriorityMedium

Details

Assignee

Reporter

Needs QA

Needs Doc

Priority

Smart ChecklistOpen Smart Checklist

Smart Checklist

Details
Assignee
Unassigned
Reporter
Itiel Olenick
Needs QA
Yes
Needs Doc
Yes
Priority
Medium

Smart Checklist