-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow access to multiple s3 buckets from the hub #1455
Comments
Tried to just grant access to the role specified in infrastructure/terraform/aws/buckets.tf Line 46 in 5951fb6
|
Can you flesh out the issue title? It is unclear what "different" refers to...is it scratch buckets? |
@choldgraf no idea how those words went missing! Fixed |
I’ll have to loop you into the emails with the NASA account admin to double check the settings on their end... Last year we also had to add explicit permissions to the hub service account policy, see here https://github.com/snowex-hackweek/jupyterhub/blob/main/terraform/eks/s3-data-bucket.tf Could also test with the following requester-pays bucket. I have no problem accessing this with full S3 permissions on my own AWS account, but from the snowex hub it is permission denied. aws s3 ls --request-payer requester s3://usgs-landsat/collection02/ |
Just noting that aws_iam_role.irsa_role[each.value.hub_name].arn ->
..rather than adding each specific bucket though it seems like all S3 list,read permissions could be default (just exclude permissions to create and delete buckets)? |
- Helpful to grant users on a given hub extra IAM permissions, such as S3 access, db access, etc. - Grant access to two S3 buckets for the SnowEx hackathon based on request Ref 2i2c-org#1455
Fixed by #1488 |
Context
From https://2i2c.freshdesk.com/a/tickets/149,
Proposal
No response
Updates and actions
No response
The text was updated successfully, but these errors were encountered: