Distributed Storage Authentication in EKS

In the Dremio_v2 helm chart’s “Values-Reference.md”, I see the following:


Type: String

The valid values for distStorage.aws.authentication are:

  • metadata (default) - Dremio will attempt to use the instance profile of the EKS node to authenticate to the S3 bucket.
  • accessKeySecret - The values distStorage.aws.credentials.accessKey and distStorage.aws.credentials.secret are used to authenticate.
  • awsProfile - The distStorage.aws.credentials.awsProfileName value is used to authenticate.

Note: Dremio does not support service account IAM roles on EKS.

I would like to avoid using access key and secret, and use service account. Is this not supported at all? Is there no workaround if not supported?

@kyleahn Available options are

  • EC2 Metadata
  • AWS Profile
  • Access/Secret Key


1 Like