Pod Identity support for mountpoint-s3-csi-driver

Question

Pod Identity support for mountpoint-s3-csi-driver

Opened this issue 5 months ago · 5 comments

/feature

Is your feature request related to a problem? Please describe.

Error: "aws-mountpoint-s3-csi-driver" addon does not support pod identity associations; use IRSA config (addon.serviceAccountRoleARN, addon.attachPolicyARNs, addon.attachPolicy or addon.wellKnownPolicies) instead

Describe the solution you'd like in detail
Pod Identity support for mountpoint-s3-csi-driver

Additional context

apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: cluster-name
  region: eu-west-1

addons:
- name: aws-mountpoint-s3-csi-driver
  podIdentityAssociations:
  - serviceAccountName: s3-csi-driver-sa
    namespace: kube-system
    permissionPolicyARNs: ["arn:aws:iam::111111111111111111:policy/AmazonS3CSIDriverPolicy"]

Answer 1 · 2024-07-08T15:25:21.000Z

Thanks for opening this feature request!

I don't have any information to share right now but I can see why leveraging EKS's new Pod Identity feature with Mountpoint CSI Driver would be beneficial. I'll share this with the team.

Answer 2 · 2024-08-13T19:51:19.000Z

Has there been any more thought on this? I'd be very interested in supporting pod identity as I had disabled IRSA as we had configuration issues with it

Answer 3 · 2024-08-14T16:01:16.000Z

Thanks for your interest in this feature. We don’t have any more information to share right now on supporting EKS Pod Identity, though you can upvote the issue with 👍 to help us see what's needed most.

Answer 4 · 2024-10-08T02:27:15.000Z

@muddyfish I was curious if there were developments on this issue as it's been a few months since the last update?

Answer 5 · 2024-10-08T09:00:28.000Z

We still don't have additional updates to share supporting EKS Pod Identity right now. I understand that it's easier to configure than IRSA and requires lower IAM scope. Are there any additional needs for this feature?