Hello, i m trying to configure s3 backup on cluster created with eck.
I createad iam role and service account. Specified pods to use this service account. Then i added initcontainer
initContainers:
- command:
- sh
- -c
- mkdir -p "/usr/share/elasticsearch/config/repository-s3"; ln -s $AWS_WEB_IDENTITY_TOKEN_FILE
"/usr/share/elasticsearch/config/repository-s3/aws-web-identity-token-file"
name: symlink-token
Then i registered repository using kibana UI. And when i click verify i am getting this error
"caused_by": {
"type": "i_o_exception",
"reason": "Unable to upload object [tests-JAHXXjP0SVOG4nMYgNaXYw/master.dat] using a single upload",
"caused_by": {
"type": "sdk_client_exception",
"reason": "sdk_client_exception: Unable to load AWS credentials from any provider in the chain: [org.elasticsearch.repositories.s3.S3Service$CustomWebIdentityTokenCredentialsProvider@37967d45: 1 validation error detected: Value 'initContainers' at 'roleArn' failed to satisfy constraint: Member must have length greater than or equal to 20 (Service: AWSSecurityTokenService; Status Code: 400; Error Code: ValidationError; Request ID: 8d0e30dd-7adf-437d-b24a-d69977a3d3a4), com.amazonaws.auth.EC2ContainerCredentialsProviderWrapper@2301c8e9: Unauthorized (Service: null; Status Code: 401; Error Code: null; Request ID: null)]"
}
}
},
"status": 500
},
I don't understand why it trying to use initContainers as role arn and how to change it