AccessDedied Error on trying to exec athena quey from python/boto3

Question

Error details
com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied;

I'm starting a query execution in python (boto3) and checking whether it finishes. But I'm always getting a FAILED status message. On the other hand, when I check the recent queries in Athena I can see the message above. My intention is to start the query, check completion and download the result file from S3 bucket. Can anyone help? Thanks!

Accepted Answer

When calling Athena from a Lambda function, you need to ensure the Lambda function's execution role has permission to access your Amazon S3 buckets. That same logic applies to other ways you can run your code, such as Amazon EC2 or Amazon ECS, and includes both the source bucket and the destination bucket. For example, take a look at the AWS Managed Rule AmazonAthenaFullAccess below. Note that this includes actions like s3:PutObject and s3:AbortMultipartUpload that Athena may use to create temporary files, not just read actions like S3:GetObject or S3:ListBucket.

Relevant Links:

**Relevant Links:**
* https://docs.aws.amazon.com/athena/latest/ug/security-iam-athena.html
* https://docs.aws.amazon.com/athena/latest/ug/managed-policies.html

Answer

Thanks! It was a matter of adding the right permissions to the user's role.

AccessDedied Error on trying to exec athena quey from python/boto3

관련 콘텐츠