To configure DAS to use the AWS for its operations:
Remove the configuration of the
settingsKubernetes configuration map.
credentialsKubernetes secret. Make sure that
aws_regionhas the right value. Step 1 and Step 2 allows DAS to access the necessary AWS resources.
Check the IAM policies for the IAM credentials provided allow DAS not only to access the S3, DDB, KMS, and ES resources, but also to create and delete them. This is because DAS will create the resources it needs.
Determine a unique resource prefix for the deployment and configure it to
settingsconfiguration map under field
resource_prefix. This prefix is prepended to all DDB and S3 resources created and accessed to render the names globally unique. This is because AWS requires some resources to have globally unique names (in particular, S3). Once the prefix is assigned, it can’t be changed.
Provide the DAS with the KMS encryption key to use by configuring the key id (uuid) with command line option
--kms-key-idfor all the pods. If no key is provided, the data is not encrypted in storage.
Finally, it is the responsibility of the DAS to execute any necessary upgrade steps in its operations when moving from one version to another. There are no additional upgrade steps required, unless otherwise mentioned.