vanhtuan0409 opened a new issue, #55972: URL: https://github.com/apache/doris/issues/55972
### Search before asking - [x] I had searched in the [issues](https://github.com/apache/doris/issues?q=is%3Aissue) and found no similar issues. ### Version 3.1.0 ### What's Wrong? setup doris using doris-operator running with in EKS. Both FE and BE node is using k8s service account binding with AWS IAM role using IAM IRSA (ref: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html) during the creation of storage vault, I got 403 permission denied ### What You Expected? Should be able to setup storage vault ### How to Reproduce? setup an k8s service account with IRSA binding. Create doris cluster using ``` apiVersion: disaggregated.cluster.doris.com/v1 kind: DorisDisaggregatedCluster metadata: name: doris-demo spec: metaService: replicas: 1 image: apache/doris:ms-3.1.0 serviceAccount: warehouse logNotStore: true fdb: address: "xxxxx" requests: cpu: 2 memory: 8Gi limits: cpu: 2 memory: 8Gi feSpec: replicas: 1 image: apache/doris:fe-3.1.0 serviceAccount: warehouse logNotStore: true requests: cpu: 2 memory: 8Gi limits: cpu: 2 memory: 8Gi computeGroups: - uniqueId: cg1 replicas: 1 image: apache/doris:be-3.1.0 serviceAccount: warehouse logNotStore: true skipDefaultSystemInit: true # must be enable to be able to run on fargate requests: cpu: 4 memory: 8Gi limits: cpu: 4 memory: 8Gi ``` create storage vault using ```sql CREATE STORAGE VAULT IF NOT EXISTS s3_vault PROPERTIES ( "type"="S3", "s3.endpoint" = "https://s3.us-east-1.amazonaws.com";, "s3.region" = "us-east-1", "s3.bucket" = "test-datalake-xxxxxx111123", "s3.root.path" = "doris", "use_path_style" = "false", "provider" = "S3" ); ``` ### Anything Else? _No response_ ### Are you willing to submit PR? - [ ] Yes I am willing to submit a PR! ### Code of Conduct - [x] I agree to follow this project's [Code of Conduct](https://www.apache.org/foundation/policies/conduct) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
