Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Amazon Athena experienced a permission error with Lambda

0

When I try to execute an Athena query by a Lambda function, I get the following error message:

{"ErrorCategory":2,"ErrorType":1500,"Retryable":false,"ErrorMessage":"Amazon Athena experienced a permission error. Please provide proper permission and submitting the query again. If the issue reoccurs, contact AWS support for further assistance. You will not be charged for this query. We apologize for the inconvenience."}

I added full permission for my lambda role:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::my-bucket/*",
                "arn:aws:s3:::my-bucket"
            ]
        },
        {
            "Sid": "VisualEditor2",
            "Effect": "Allow",
            "Action": "athena:*",
            "Resource": "*"
        }
    ]
}

With that lambda function, I could run the query successfully from my local. How can I find out which permission is missing when running AWS Lambda?

Argomenti
AnalisiServerlessComputazionali
Tag
Amazon AthenaAWS Lambda
Lingua
English
rePost-User-3071397
posta un anno fa471 visualizzazioni
1 Risposta
1

Hi,

Please verify that you are using the correct lambda execution role.

Please refer to the below articles for more information: https://aws.amazon.com/premiumsupport/knowledge-center/schedule-query-athena/ https://docs.aws.amazon.com/athena/latest/ug/federated-query-iam-access.html https://docs.aws.amazon.com/quicksight/latest/user/troubleshoot-connect-athena.html

AWS
TECNICO DI SUPPORTO
Rishabh_D
con risposta un anno fa
AWS
ESPERTO
Fabrizio@AWS
verificato un anno fa
  • rePost-User-3071397
    un anno fa

    Thanks for your information. The issue has been resolved after adding below policy (when trigger athena.startQueryExecution(...), it will invoke a Athena's lambda connector): { "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "lambda:InvokeFunction" ], "Resource": [ "arn:aws:lambda:us-west-2:accountID:function:test-datasource-connector" ] } ] }

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente