Is it possible to access AWS S3 on different AWS account with IAM roles on Vertica machine?
We have been using Vertica 9.3 version hosted on AWS EC2 instances on our AWS account A and were able to access S3 bucket on another AWS account B with Bucket policy on that S3 bucket with Principal Role which is assigned to EC2 instances where Vertica is deployed on AWS account A.
AWS account A AWS account B
Vertica 9.3 on EC2 instance with AWS Vertica-role S3 bucket policy Principal Vertica-role
After upgrading to Vertica version 11 we are not able to reach AWS account B S3 bucket with the same setup.
We are told to use ALTER SESSION SET AWSAuth.
For that on AWS account B on S3 bucket we need to have Principal AWS user (instead of a role) and in our SQL queries we need to hardcode accesskey and secretaccesskey of that new AWS user.
ALTER SESSION SET AWSAuth='XXXXXX:XXXXXXXXXXXXXXX';
Vertica documentation says we should use AWS IAM roles to access AWS resources, but we are not able to.
Please tell me there is a way and that I am missing something.