Can't begin tutorial - CF stack from blog won't work - Tutorial: Writing an AWS Glue for Spark script

Question

I cannot begin "[Tutorial: Writing an AWS Glue for Spark script](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-intro-tutorial.html)" because of issues with CloudFormation setup.

The very first step is to run a CloudFormation template accessible in the 2020 blog post "[Making ETL easier with AWS Glue Studio](https://aws.amazon.com/blogs/big-data/making-etl-easier-with-aws-glue-studio/).Alas, clicking the "Launch Template" button produces the error message "S3 error: Access Denied For more information check http://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html". Ignoring it and pushing Create Stack just produces the same message. Specifying an existing IAM role doesn't help.

https://aws-bigdata-blog.s3.amazonaws.com/artifacts/gluestudio/cftemplate/CFgluestudio.yaml isn't publicly accessible. The tutorial describes in vague terms the resources created.

This might be related although it's 6 years old and seems to refer to a different tutorial: https://repost.aws/questions/QUq48XDUftTtucHgvasZCDXQ/access-denied-error-on-glue-tutorial-for-flight-data

re:Post Agent · Answer

The issue you're experiencing with the CloudFormation template for the AWS Glue tutorial is likely due to an access problem. This could be caused by several factors:

1. IAM Permissions: Your IAM user or role may not have the necessary permissions to access the S3 bucket containing the CloudFormation template or to create the resources specified in the template. Ensure that your IAM identity has the required permissions, including access to S3 and the ability to create resources like AWS Glue jobs.

2. S3 Bucket Policy: The S3 bucket hosting the CloudFormation template may have a policy that restricts access. If the template URL is no longer publicly accessible, this could explain the "Access Denied" error you're seeing.

3. Template URL: Verify that the template URL is still valid and accessible. If the blog post is older, the template location may have changed.

To resolve this issue, you can try the following steps:

1. Check your IAM permissions and ensure you have the necessary access to S3 and CloudFormation.

2. If you're using a role, make sure it has the appropriate permissions, including the ability to pass roles to AWS Glue.

3. Try to access the template URL directly in your browser to see if it's publicly accessible.

4. If the template is not accessible, you may need to contact AWS support or look for an updated version of the tutorial that uses a different template or method for setting up the resources.

5. As an alternative, you could try to manually create the resources described in the tutorial instead of using the CloudFormation template.

If these steps don't resolve the issue, it may be worth opening a support case with AWS, especially if you believe there's a problem with the tutorial resources themselves.  
**Sources**  
[Resolve S3 Access Denied error in CloudFormation | AWS re:Post](https://repost.aws/knowledge-center/cfn-s3-access-denied-error)  
[Resolve IAM permission errors in CloudFormation | AWS re:Post](https://repost.aws/knowledge-center/cfn-troubleshoot-iam-permission-errors)  
[Access Denied on S3 from AWS Glue | AWS re:Post](https://repost.aws/questions/QUgKy9MPwSTQeCIXwOSQ0EQg/access-denied-on-s3-from-aws-glue)

Can't begin tutorial - CF stack from blog won't work - Tutorial: Writing an AWS Glue for Spark script

Add your answer

Relevant content