Hey,
I am setting up a pipeline to run import Aurora exported Snapshots. But I do get an error messages when running this copy command:
COPY tableA
FROM 's3://my-export-bucket/export-2020-12-10-1m8hbn/service/app.tableA/'
IAM_ROLE 'arn:aws:iam::xxxxxxx:role/RedshiftRole'
FORMAT AS PARQUET;
I get:
[2020-12-17 15:21:32] [XX000][500310]
[2020-12-17 15:21:32] [Amazon](500310) Invalid operation: Spectrum Scan Error
[2020-12-17 15:21:32] Details:
[2020-12-17 15:21:32] -----------------------------------------------
[2020-12-17 15:21:32] error: Spectrum Scan Error
[2020-12-17 15:21:32] code: 15001
[2020-12-17 15:21:32] context: Error: HTTP response error code: 403 Message: AccessDenied Access Denied
[2020-12-17 15:21:32] x-amz-request-id: A6C1550481534373
[2020-12-17 15:21:32] x-amz-id-2: aouS/sKqNsXECBWdKVMwJMU1w90EBSPM2xVL8fy2fe4xmaSkchUP94kZiim3ZQHrovMGfVmZwlY=
[2020-12-17 15:21:32] query: 30427038
[2020-12-17 15:21:32] location: dory_util.cpp:945
[2020-12-17 15:21:32] process: fetchtask_thread [pid=13477]
[2020-12-17 15:21:32] -----------------------------------------------;
My Bucket Policy is in place:
{
"Sid": "BucketPolicyForSpectrum",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::xxxxx:root"
},
"Action": [
"s3:GetObject",
"s3:List*"
],
"Resource": "arn:aws:s3:::my-export-bucket/*",
"Condition": {
"StringEquals": {
"aws:UserAgent": "AWS Redshift/Spectrum"
}
}
}
Any ideas how to debug this?
AWS 官方已更新 3 年前