[Feature] Update AWS SDK in FE to support EKS Pod Identity #60496
Description
Search before asking
- I had searched in the issues and found no similar issues.
Description
It looks like the AWS SDK version in use is lower than the required version to support EKS Pod Identity
Good news, everyone! We've added support for EKS Pod Identity in v1, starting in SDK version 1.12.746.
Upgrading the AWS SDK will then allow us to use EKS Pod Identity to access resources in AWS within EKS.
Use case
Securely access AWS resources when Doris is running in EKS, without insecurely sharing access keys and secrets. Although dedicated nodes with dedicated instance profile roles works it would be great to additionally support EKS Pod Identity.
Currently, we get this error in Doris doris-4.0.2-rc02-30d2df04594
Caused by: com.amazonaws.SdkClientException: Unable to load AWS credentials from any provider in the chain: [EnvironmentVariableCredentialsProvider: Unable to load AWS credentials from environment variables (AWS_ACCESS_KEY_ID (or AWS_ACCESS_KEY) and AWS_SECRET_KEY (or AWS_SECRET_ACCESS_KEY)), SystemPropertiesCredentialsProvider: Unable to load AWS credentials from Java system properties (aws.accessKeyId and aws.secretKey), WebIdentityTokenCredentialsProvider: You must specify a value for roleArn and roleSessionName, com.amazonaws.auth.profile.ProfileCredentialsProvider@6633befb: profile file cannot be null, com.amazonaws.auth.EC2ContainerCredentialsProviderWrapper@28ea8c66: The full URI (http://169.254.170.23/v1/credentials) contained withing environment variable AWS_CONTAINER_CREDENTIALS_FULL_URI has an invalid host. Host should resolve to a loopback address or have the full URI be HTTPS.]
Related issues
No response
Are you willing to submit PR?
- Yes I am willing to submit a PR!
Code of Conduct
- I agree to follow this project's Code of Conduct