Summary
When deploying Airbyte on EKS with local Minio and AWS secrets manager, encountering an issue where AWS credentials might be picked up from Minio environment variables instead of the instance role when adding a destination with a secret.
Question
Hey everyone, trying to deploy Airbyte on EKS with local Minio and AWS secrets manager. Secret manager config is straightforward
"type": "awsSecretManager", # awsSecretManager | googleSecretManager | vault
"storageSecretName": "airbyte-config-secrets",
"awsSecretManager": {
"region": self.region,
"authenticationType": "instanceProfile", # credentials | instanceProfile
},
}```
Deployment is successful. However, when trying to add a destination with a secret, getting this error
```com.amazonaws.services.secretsmanager.model.AWSSecretsManagerException: The security token included in the request is invalid. (Service: AWSSecretsManager; Status Code: 400; Error Code: UnrecognizedClientException; Request ID: 36dfdcba-3924-493e-ae84-b95567d7b2f6; Proxy: null)```
is there a chance AWS credentials are being picked up from Minio env variables, and the secret manager client uses them regardless of instance role
<br>
---
This topic has been created from a Slack thread to give it more visibility.
It will be on Read-Only mode here. [Click here](https://airbytehq.slack.com/archives/C021JANJ6TY/p1727897365180289) if you want
to access the original thread.
[Join the conversation on Slack](https://slack.airbyte.com)
<sub>
["airbyte", "eks", "aws-credentials", "minio", "aws-secrets-manager", "destination", "error"]
</sub>