AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

EMR clusters not running

0

Hi! I had several workflows that are running on AWS EMR with spark. Since a yesterday the cluster creation step is failing.

On the events of the cluster I see a VALIDATION_ERROR with no details. On the termination message I see EMR_DefaultRole has insufficient EC2 permissions

I've recheck my roles, recreate them, and also give them the admin policy and even with all of this the cluster does not start. Also I thought it could be some aws bug deployed so I've tried different combinations of instance type, emr versions, creating new default roles, etc. Nothing worked. On cloud trail I always see that the role is not authorized on ec2, even with the full admin policy.

Has someone experience something similar? how did you fix it? Thanks in advance!

주제
보안, 신원 및 규정 준수분석
태그
AWS 자격 증명 및 액세스 관리아마존 EMR
언어
English
Hector
질문됨 일 년 전313회 조회
1개 답변
0
수락된 답변

Check to see if you have a policy or SCP in place that requires the Instance Metadata Service V2 that is being applied to the account you are running in. This can prevent starting any instances that are not at IMDS v2. This shows as a permissions error and is really hard to link back to a policy issue/change. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html

profile pictureAWS
Keith_AWS
답변함 일 년 전
AWS
지원 엔지니어
Yokesh NK
검토됨 2달 전
  • Hector
    일 년 전

    Thanks! I found it was a restriction with the SCP that did not allow starting instances on subnets with public IPs. Changing it to private ones solved the issue

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠