1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
From the error message, it seems like the GLue job is unable to connect to the Secrets Manager. This could be due to one the below reasons:
- The permissions for Glue job to read SecretsManager
- If your Glue connection uses a VPC, ensure those Glue connections are listed on your Glue job details > Advanced Properties > Connections
- Ensure you are able to print the correct credentials using print() statements to debug. These statements need to be removed before implementation.
In Glue, if you could refer to the below code as a reference to use in your Pyspark or Python codebase or this link:
import boto3
import json
#loading secrets for retrieving db credentials
secret_arn = "arn:aws:secretsmanager:<region>:<AccountId>:secret:/dev/gluesecret"
region_name = "<region>"
session = boto3.session.Session()
sm_client = session.client(
service_name='secretsmanager',
region_name=region_name
)
db_secret_response = sm_client.get_secret_value(
SecretId=secret_arn
)
if 'SecretString' in db_secret_response:
secret = db_secret_response['SecretString']
secret = json.loads(secret)
user = secret["username"]
password = secret["password"]
답변함 2년 전
관련 콘텐츠
- AWS 공식업데이트됨 2년 전
- AWS 공식업데이트됨 일 년 전
Thanks for the blog post. I used the snippet of code you provided to prove that my AWSGlueServiceRole-Lab has the correct permissions to get the secret value and provide the correct username and password. Nevertheless when I try to use the AWS Glue Studio Connection that references the secret ARN the job fails with the original error posted above. I confirmed that Connection ->Advance properties are configured with the same vpc, subnet and security group as the target RDS database. :(