1回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
You'd need to grant glue job service role kms:Decrypt access. From the error logs it's evident that it doesn't have access to KMS key here.
You need to find the KMS key and then add this permission to one of the policy in glue job service role. Once you add kms:Decrypt permission for that KMS key, this error would go away.
Refer Setting up encryption in AWS Glue and Encrypting data written by AWS Glue for more details and see which one applies to your case and accordingly add the permissions for kms:Decrypt.
Also make sure there are no explicit deny in that KMS key resource policy, you can check that by going to KMS console, select that key and check key policy.
Hope this helps.
Abhishek
関連するコンテンツ
- AWS公式更新しました 3年前
- AWS公式更新しました 2年前
Do you have any additional questions, happy to help.