1 Answer
- Newest
- Most votes
- Most comments
0
Sure enough, after putting the resource policy with "EnableHybrid" set to TRUE, the evil AWS Lake Formation still has its say. This is executing in the "borrower" / "external" account:
$ aws athena start-query-execution --query-string 'SELECT * FROM datalake.prod.example' --work-group dev
{
"QueryExecutionId": "REDACTED"
}
$ aws athena get-query-execution --query-execution-id "REDACTED"
{
"QueryExecution": {
"QueryExecutionId": "REDACTED",
"Query": "SELECT * FROM datalake.prod.example",
"StatementType": "DML",
"ResultConfiguration": {
"OutputLocation": "REDACTED"
},
"QueryExecutionContext": {},
"Status": {
"State": "FAILED",
"StateChangeReason": "Insufficient Lake Formation permission(s) on example (Service: AWSGlue; Status Code: 400; Error Code: AccessDeniedException; Request ID: REDACTED; Proxy: null)",
"SubmissionDateTime": "2021-08-22T12:02:37.211000+10:00",
"CompletionDateTime": "2021-08-22T12:02:48.740000+10:00"
},
"Statistics": {
"EngineExecutionTimeInMillis": 10787,
"DataScannedInBytes": 0,
"TotalExecutionTimeInMillis": 11529,
"QueryQueueTimeInMillis": 641,
"ServiceProcessingTimeInMillis": 101
},
"WorkGroup": "dev",
"EngineVersion": {
"SelectedEngineVersion": "Athena engine version 2",
"EffectiveEngineVersion": "Athena engine version 2"
}
}
}
answered 3 years ago
Relevant content
- Accepted Answerasked a year ago
- asked 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 2 years ago