- 最新
- 最多得票
- 最多評論
When you test a connection, you specify an IAM role that will be used to access resources. That role needs certain permissions. In your case, it seems you're using a role called Awsglue
.
As the error says, that role needs a policy that allows the action glue:GetConnection
on the resource arn:aws:glue:us-west-2:xxxxxxxxxxxx:catalog
. You'll also need a permission for same action over those two connections if no policy includes it already.
Typically with AWS Glue, you'd use a role that includes the AWSGlueServiceRole
AWS managed policy as described in the Setting up IAM permissions for Glue documentation, although you might want to use self-managed policies for more granular controls.
In that case, in the IAM console, click on Roles, search for Awsglue and click on that role. There you will see all the policies attached to that role. Modify one of those existing attached policies or add a new one that includes that action on the necessary resources (catalog and connections). However, you'll likely need to add more permissions to that role if you are going to use it for other purposes in AWS Glue (e.g.: ETL jobs to write to S3). Check adding identity permissions and Actions, resources, and condition keys for AWS Glue in the IAM documentation for further reference.
相關內容
- AWS 官方已更新 1 年前
- AWS 官方已更新 2 年前
- AWS 官方已更新 1 年前