- Más nuevo
- Más votos
- Más comentarios
It turns out, the objects in the bucket were encrypted with a specific KMS key, even though the bucket settings were set to use an Amazon S3-managed key (SSE-S3). So the error message was correct.
When I exported from HealthLake to S3, it prompted me to create or provide a KMS key to encrypt the output data, so that overrode the bucket-wide encryption settings.
Once I updated the KMS key policy to allow the Glue Crawler's Role and I used a single-region instead of a multi-region KMS key, the error went away.
Thank you Yann,
The section that states 'updated the KMS key policy to allow the Glue Crawler's Role' is what helped me.
I clicked on my KMS Key that I created for moving Healthlake data to S3 and added the IAM role I created for my Glue job (starts with AWSGlueServiceRole) to both 'Key administrators' and 'Key users.'
That did the trick!
Contenido relevante
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace un año
- OFICIAL DE AWSActualizada hace 7 meses