spring data flow : IAM role assignment to pods using pod-annotations

After reading documents for hours I found the required configurations in the below link

https://docs.spring.io/spring-cloud-dataflow/docs/current/reference/htmlsingle/#_annotations

So you need to use the below property definitions under the deployment Platform in your Streams which will allow the skipper to launch the pods with required annotations.

 deployer.data-stream-demo-source.kubernetes.podAnnotations=iam.amazonaws.com/role: arn:aws:iam::XXXXXXX:role/spring-dataflow-test-role deployer.data-stream-demo-sink.kubernetes.podAnnotations=iam.amazonaws.com/role: arn:aws:iam::XXXXXX:role/spring-dataflow-test-role

The default pod-annotation property in the deploy stream definition is not working as expected and not sure it's because of a typo in pod-annotations.

its the same case with other annotations as well (job-annotations,service-annotations).

For now, you can define the required annotation definition in the freetext tab or you can define in the application property level when registering apps to the dataflow server. By the way, I am using spring-cloud-dataflow-server Version: 2.2.1.RELEASE

What you tried as deployment property has a typo in it indeed. To override the podAnnotations at each stream-app level, you should be using it as deployer.<app-name>.kubernetes.podAnnotations for each of the desired apps in the stream definition.

SCDF's K8s-deployer specifically expects the property in that format, and that's why it is not parsed and annotated correctly on the deployed apps. If you're using the UI, however, we attempt to list all the deployer properties in a dialog-window for you automatically, so the value is all is expected from you.

There was a recent discussion around volumeMounts along the same lines in SCDF's Gitter channel. The background discussed in the channel might be useful.