Creation of duplicate IAM policy for thanos bucket
Closed this issue ยท 3 comments
Only create the policy if create_bucket is done in thanos.tf
count = local.thanos["enabled"] && local.thanos["create_bucket"] && local.thanos["create_iam_resources_irsa"] ? 1 : 0
Hello again,
Thank you for providing another correction. As for issue #65 , this will be fixed shortly.
Best regards,
๐ This issue has been resolved in version 1.27.2 ๐
The release is available on GitHub release
Your semantic-release bot ๐ฆ๐
This is not a duplicate policy. If prometheus is creating the S3 bucket, Thanos component still need access to it, like compactor and storage gateway. So this policy is needed and not a duplicate. This allow to plug thanos to an existing bucket (like the kube-prometheus one) or to create a bucket directly in thanos and plug kube-prometheus on it (you can do it in any way you want).
Our default configuration is to create the bucket in prometheus and plug thanos on it.
fixes will be reverted: #69