Object Store with IRSA not working #474
Description
I have applied the following configuration to my cluster in order to enable WAL archiving.
My Object storage is S3, CNPG is running in EKS, and I want to configure access via IRSA.
Cluster:
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
spec:
serviceAccountTemplate:
metadata:
annotations:
eks.amazonaws.com/role-arn: arn:aws:iam::<redacted>
plugins:
- name: barman-cloud.cloudnative-pg.io
isWALArchiver: true
parameters:
barmanObjectName: objectstore
ObjectStore:
apiVersion: barmancloud.cnpg.io/v1
kind: ObjectStore
metadata:
name: objectstore
spec:
configuration:
data:
compression: bzip2
destinationPath: s3://<redacted>/<folder>
wal:
compression: bzip2
maxParallel: 16
Policy attached to SA:
{
Action: [
"s3:PutObject",
"s3:GetObject",
"s3:ListBucket",
"s3:DeleteObject",
],
Effect: "Allow",
Resource: [
"arn:aws:s3:::<redacted>",
"arn:aws:s3:::<redacted>/*",
],
},
However, the WAL archiving is not working with the following error, complaining about missing Azure credentials even though my Object Storage is hosted by AWS.
{"level":"error","ts":"2025-08-13T17:06:02.383971021Z","logger":"wal-archive","msg":"Error while calling ArchiveWAL, failing","pluginName":"barman-cloud.cloudnative-pg.io","logging_pod":"metabase-database-3","error":"rpc error: code = Unknown desc = missing Azure credentials","stacktrace":"github.com/cloudnative-pg/machinery/pkg/log.(*logger).Error\n\tpkg/mod/github.com/cloudnative-pg/[email protected]/pkg/log/log.go:125\ngithub.com/cloudnative-pg/cloudnative-pg/internal/cnpi/plugin/client.(*data).ArchiveWAL\n\tinternal/cnpi/plugin/client/wal.go:69\ngithub.com/cloudnative-pg/cloudnative-pg/pkg/management/postgres/archiver.archiveWALViaPlugins\n\tpkg/management/postgres/archiver/archiver.go:295\ngithub.com/cloudnative-pg/cloudnative-pg/pkg/management/postgres/archiver.internalRun\n\tpkg/management/postgres/archiver/archiver.go:156\ngithub.com/cloudnative-pg/cloudnative-pg/pkg/management/postgres/archiver.Run\n\tpkg/management/postgres/archiver/archiver.go:141\ngithub.com/cloudnative-pg/cloudnative-pg/internal/cmd/manager/walarchive.NewCmd.func1\n\tinternal/cmd/manager/walarchive/cmd.go:65\ngithub.com/spf13/cobra.(*Command).execute\n\tpkg/mod/github.com/spf13/[email protected]/command.go:1015\ngithub.com/spf13/cobra.(*Command).ExecuteC\n\tpkg/mod/github.com/spf13/[email protected]/command.go:1148\ngithub.com/spf13/cobra.(*Command).Execute\n\tpkg/mod/github.com/spf13/[email protected]/command.go:1071\nmain.main\n\tcmd/manager/main.go:71\nruntime.main\n\t/opt/hostedtoolcache/go/1.24.5/x64/src/runtime/proc.go:283"}
Versions:
CNPG 1.26.1
Barman Cloud Plugin 0.5.0