Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EKS Pod Identity support for mountpoint-s3-csi-driver #215

Open
miguelvidex opened this issue Jul 3, 2024 · 7 comments
Open

EKS Pod Identity support for mountpoint-s3-csi-driver #215

miguelvidex opened this issue Jul 3, 2024 · 7 comments
Labels
enhancement New feature or request

Comments

@miguelvidex
Copy link

miguelvidex commented Jul 3, 2024
edited
Loading

/feature

Is your feature request related to a problem? Please describe.

Error: "aws-mountpoint-s3-csi-driver" addon does not support pod identity associations; use IRSA config (addon.serviceAccountRoleARN, addon.attachPolicyARNs, addon.attachPolicy or addon.wellKnownPolicies) instead

Describe the solution you'd like in detail
Pod Identity support for mountpoint-s3-csi-driver

Additional context

apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: cluster-name
  region: eu-west-1

addons:
- name: aws-mountpoint-s3-csi-driver
  podIdentityAssociations:
  - serviceAccountName: s3-csi-driver-sa
    namespace: kube-system
    permissionPolicyARNs: ["arn:aws:iam::111111111111111111:policy/AmazonS3CSIDriverPolicy"]
@dannycjones dannycjones added the enhancement New feature or request label Jul 8, 2024
@dannycjones
Copy link
Contributor

Thanks for opening this feature request!

I don't have any information to share right now but I can see why leveraging EKS's new Pod Identity feature with Mountpoint CSI Driver would be beneficial. I'll share this with the team.

@phmcder
Copy link

phmcder commented Aug 13, 2024

Has there been any more thought on this? I'd be very interested in supporting pod identity as I had disabled IRSA as we had configuration issues with it

@muddyfish
Copy link
Contributor

muddyfish commented Aug 14, 2024
edited
Loading

Thanks for your interest in this feature. We don’t have any more information to share right now on supporting EKS Pod Identity, though you can upvote the issue with 👍 to help us see what's needed most.

@mmccarthy404
Copy link

@muddyfish I was curious if there were developments on this issue as it's been a few months since the last update?

@muddyfish
Copy link
Contributor

We still don't have additional updates to share supporting EKS Pod Identity right now. I understand that it's easier to configure than IRSA and requires lower IAM scope. Are there any additional needs for this feature?

@tvandinther
Copy link

From my understanding, this only requires using a version of AWS SDK with pod identity supported in the credential chain. Is there something else preventing this from being an easy fix?

@muddyfish muddyfish changed the title Pod Identity support for mountpoint-s3-csi-driver EKS Pod Identity support for mountpoint-s3-csi-driver Dec 2, 2024
@unexge
Copy link
Contributor

unexge commented Dec 2, 2024

Hey @tvandinther, we haven't looked into implementation details of this feature. Please consider adding 👍 on the original issue to help us with the prioritization of this feature.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@dannycjones @muddyfish @phmcder @unexge @miguelvidex @tvandinther @mmccarthy404