https://lakefs.io/ logo
Join Slack
Powered by
Hello! I'm an absolute beginner to LakeFS and AWS,...
# help
f
Hello! I'm an absolute beginner to LakeFS and AWS, so please excuse me if something very obvious is unclear to me. I'm following the AWS Deployment tutorials, and currently on the Configuring S3 bucket stage. It's not clear to me what should I put on the <IAM ROLE> placeholder. I understand it's the role assumed by lakefs, but what exactly is this? Thanks in advance for your help!
b
Hello @Felipe Adachi
The S3 bucket's Permission, the role placeholder is part of the principle - https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-bucket-user-policy-specifying-principal-intro.html
The value would be the role in the system that allow the access to the bucket
If you manage the access using key-pair you can use the alternative format in our documentation
Copy code
"Principal": {
   "AWS": ["arn:aws:iam::<ACCOUNT_ID>:user/<IAM_USER>"]
 }
Specifying lakefs user
All the above is to grand permissions to use the S3 bucket
f
Oh, alright!
I think I got it! Thank you for your help!
b
Anytime
f
If I manage using key-pair, when/where do I need to insert my credentials? Upon creating the repository?
I'm at the stage of creating the repo, but it's not being able to access the storage namespace:
Maybe I didn't create the policy right? Or can it be another problem?
b
When you created the repository you entered the s3:// address of the bucket, and in the lakefs.yaml configured key/secret that have access to this bucket?
if you have aws cli - we can try using a cli command to access the bucket to verify that we have this access
f
I'm running docker with -e flags; Should the LAKEFS_AUTH_ENCRYPT_SECRET_KEY value be the secret key from the AWS user? I just put a random string.
I just installed aws cli
b
AUTH_ENCRYPT_SECRET_KEY is random string, not related to the aws user
f
Oh, ok. I still haven't used my key/secret from AWS anywhere. Through aws cli I can access my bucket
Open in Slack
PreviousNext
Powered by