AthenaListDatabasesError While Accessing Data in Sagemaker

Question

Greetings
I hope you are having a great day.

We were trying to create a Data Wrangler on AWS SageMaker to retrieve our data from AWS Athena to AWS SageMaker. We had this error while specifying the database. We cannot run any query to get the data due to that error. So, can you help us resolve it?
The Error: A customer error has occurred. See the error reason below.

AthenaListDatabasesError: An error occurred when trying to list catalogs from Athena. Try your request again. If the error persists, contact support. Error: An error occurred (MetadataException) when calling the ListDatabases operation: User: arn:aws:sts::[REDACTED]:assumed-role/[REDACTED]/[SERVICE] is not authorized to perform: glue:GetDatabases on resource: arn:aws:glue:[REGION]:[REDACTED]:catalog because no identity-based policy allows the glue:GetDatabases action (Service: AmazonDataCatalog; Status Code: 400; Error Code: AccessDeniedException; Request ID: [REDACTED]; Proxy: null)

Answer

The error indicates that the IAM role being used by the SageMaker Data Wrangler does not have permissions to list databases in the AWS Glue Data Catalog.

To resolve this:

Edit the IAM role attached to the SageMaker Data Wrangler execution role.
Add the following policy to allow Glue Data Catalog access:

```

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "glue:GetDatabases",
                "glue:GetTables" 
            ],
            "Resource": [
                "arn:aws:glue:[REGION]:[ACCOUNTID]:catalog"
            ]
        }
    ]
}
```

AthenaListDatabasesError While Accessing Data in Sagemaker

Relevant content