0

I have one ECS service it is running zeppelin, I have configured zeppelin to access save the notebook in s3 bucket .

I have created a bucket and also made sure both bucket and ECS have same role. s3 bucket has the read and write policy enabled for this same role.

when my application runs I am getting below error

Caused By Exception in thread "main" com.amazonaws.AmazonClientException: Unable to load AWS credentials from any provider in the chain - error - when trying to load model from S3

is there a way to enable s3 access using roles/profile from ECS with fargate

Mark B
  • 183,023
  • 24
  • 297
  • 295
scoder
  • 2,451
  • 4
  • 30
  • 70
  • Is [AWS PrivateLink](https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/access-container-applications-privately-on-amazon-ecs-by-using-aws-fargate-aws-privatelink-and-a-network-load-balancer.html) an option to you? Also can refer [this](https://aws.amazon.com/blogs/compute/setting-up-aws-privatelink-for-amazon-ecs-and-amazon-ecr/) blog on AWS – amitd Feb 11 '21 at 12:48
  • It's not possible to assign an IAM role to an S3 bucket, so the statement "I have created a bucket and also made sure both bucket and ECS have same role" makes no sense. – Mark B Feb 11 '21 at 14:00

1 Answers1

1

When creating an ECS task you specify a "Task Execution Role" to give ECS the permission it needs to deploy your task, such as permission to access the ECR repository to load the image. You can also specify a "Task Role" that gives the task permission to access AWS resources. For example if the application running in your task needs to access S3 you would specify that as a "Task Role".

It sounds like you have not specified a task role for your ECS task, which is why the application cannot find any AWS credentials.

Mark B
  • 183,023
  • 24
  • 297
  • 295