How to use EC2 Metadata - role - confused

I am running an Ec2 single node instance of Dremio.

I want to connect to S3, but without using the access key/secret access key (which I have been, it works)

The Dremio documentation seems woefully inadequate to me here.

Having pasted the ARN into ‘IAM role to assume’ it cannot connect.

Something is being missed here. Are there certain other properties that need to be set up, and if so, can you point me to where in the documentation it exists… because I can’t find it.

Answering myself, it came down to not having a trust relationship defined in the role that was trying to assume a role.

I hadn’t expected that in trying to assume itself I’d need it to trust itself… (perverse)

@spireite If the EC2 instance has an IAM profile attached to it that gives it access to your S3 bucket (as per Dremio docs here: Dremio). Then you can choose EC2 Metadata and leave the IAM Role to Assume as blank.

Ah, the docs didn’t make it clear that I could leave the IAM role blank…