AWS re:Postを使用することにより、以下に同意したことになります AWS re:Post 利用規約
AWS re:Postre:Post

Facing issue while creating a table in Athena

0

© Exception in User Class: org.apache.spark.sql.catalyst.analysis.AccessControlException : User: arn:aws:sts::awsaccoundid:assumedRole/IAMRole/GlueJobRunnerSessionisnotauthorizedto perform: glue:CreateTable on resource: arn:aws:glue:us-east-1:glueaccountid:table/database/tablename because no identity-based policy allows the glue:CreateTable action (Service: AWSGlue; Status Code: 400; Error Code: AccessDeniedException;) and my code is def createTable (spark: SparkSession, dbName: String, tableName: String, s3FileLocation: Strin var tableDescription: String = "" var schemaString : String = "" if (tableName == "xyz") { tableDescription = "Global Auth Login" schemaString = schema. Tablenameschema.fields .map(field => field.name.replaceAl("""^""", "") .concat (" ") . concat (field. dataType. typeName match { case "timestamp" => "string" case "Long" => "string" case "boolean" => "string" case smt => smt})) .mkString(" , \n") } spark.sql(s"DROP TABLE IF EXISTS ${dbName].${tableName]") val tableQuery = s""" |CREATE EXTERNAL TABLE IF NOT EXISTS ${dbName} .$(tableName] (${schemaString) ISTORED AS PARQUET ¡COMMENT '${tableDescription]' |LOCATION '$(s3FileLocation}" ITBLPROPERTIES ("skip.header . line.count" = "¡") www.stripMargin spark.sql(tableQuery)

トピック
分析
タグ
Amazon AthenaAWS Glue
言語
English
Madhu
質問済み 10ヶ月前336ビュー
1回答
0

Hi Madhu,

From the error message it seems that permissions to create table is missing to IAM role.

Please refer CREATE TABLE section at Fine-grained access to databases and tables in the AWS Glue Data Catalog and add these permissions to IAM role being used here.

Once you add these permissions to respective IAM role either by adding a new policy to role or updating one of the already attached policy to this role, this error would be resolved.

Hope you find this information helpful.

Comment here if you have additional questions, happy to help.

Abhishek

profile pictureAWS
エキスパート
secondabhi_aws
回答済み 10ヶ月前
profile picture
エキスパート
Gary Mclean
レビュー済み 10ヶ月前
  • Madhu
    10ヶ月前

    @secondabhi_aws I had added all the permissions for table and database to create in Athena , "glue:CreateTable", "glue:UpdateTable", "glue:DeleteTable", "glue: BatchDeleteTable", "glue:DeleteTableversion", "glue:BatchDeleteTableversion" "glue:CreatePartition" "glue:UpdatePartition", "glue:DeletePartition", "glue: BatchcreatePartition", "glue: BatchDeletePartition", "glue:CreateUserDefinedFunction" "glue:UpdateUserDefinedFunction" "glue: DeleteUserDefinedFunction", "glue: CreateDatabase" "glue:DeleteDatabase" "glue: UpdateDatabase "glue:Get*" "glue: BatchGet*" -> these are added for both glue id and Aws account id . Let me know if I’m still missing anything

  • secondabhi_aws エキスパート
    10ヶ月前

    Hi Madhu, Can you also mention here the resource section of this policy by masking the account information. That would help me to identify the problem.

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ