By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AccessDedied Error on trying to exec athena quey from python/boto3

0

Error details com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied;

I'm starting a query execution in python (boto3) and checking whether it finishes. But I'm always getting a FAILED status message. On the other hand, when I check the recent queries in Athena I can see the message above. My intention is to start the query, check completion and download the result file from S3 bucket. Can anyone help? Thanks!

  • vtjean
    a year ago

    Where is your python (boto3) code being executed? Lambda? EC2? Fargate?

Topics
StorageAnalyticsSecurity, Identity, & Compliance
Tags
Amazon Simple Storage ServiceAmazon AthenaIAM Policies
Language
English
mathdonadio
asked a year ago236 views
2 Answers
0
Accepted Answer

When calling Athena from a Lambda function, you need to ensure the Lambda function's execution role has permission to access your Amazon S3 buckets. That same logic applies to other ways you can run your code, such as Amazon EC2 or Amazon ECS, and includes both the source bucket and the destination bucket. For example, take a look at the AWS Managed Rule AmazonAthenaFullAccess below. Note that this includes actions like s3:PutObject and s3:AbortMultipartUpload that Athena may use to create temporary files, not just read actions like S3:GetObject or S3:ListBucket.

Relevant Links:

AWS
David
answered a year ago
profile picture
EXPERT
Gary Mclean
reviewed 22 days ago
0

Thanks! It was a matter of adding the right permissions to the user's role.

mathdonadio
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content