S3 Access Denied when querying Glue Tables in Athena

0

I've loaded some CSV files from an S3 bucket into tables in a Glue DB. I'm trying to query the tables using Athena, but I keep getting this error:

com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: ZP23J6AS5MT0REB3; S3 Extended Request ID: Dy62uU4W+u7Wy1lU1MkmspQiJeVLIosj7lON99eRBE0sDnd4ihd2GqibyozpdmoXQlW/cPAXGqE=; Proxy: null)

There's also extended request ID that has the name of the S3 bucket and path. I'm not sure why I'm getting this because my AWSGlueServiceRole has the AmazonS3FullAccess policy attached to it. The S3 bucket is also designated as a data lake location, but I added the AWSLakeFormationDataAdmin policy to the role as well. Any assistance in troubleshooting is appreciated!

bhorvic
preguntada hace 5 meses401 visualizaciones
1 Respuesta
0

Hi,

Since you are running Athena from the AWS console, you should make sure that the IAM user has the necessary permissions to access the source data S3 bucket and query result S3 bucket. Additionally, please check the S3 bucket policy to confirm that it doesn't explicitly deny access to the account and doesn't include conditions that might deny the requests.

Please also refer these articles for more hints:

https://repost.aws/knowledge-center/access-denied-athena

https://repost.aws/questions/QUSdbxE1dmQHuXATSic08ofg/athena-query-access-denied-when-writing-to-location-s3

Thanks, Rama

profile pictureAWS
Rama
respondido hace 5 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas