Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Athena Federated Query - Timing out on connect

1

Hello - I am accessing tables in an RDS Aurora Postgres by using an Athena Federated Query. The Lambda can access the postgres because it is reading the tables into the catalog in Athena, but when I try to query the data I get a timeout error.

GENERIC_USER_ERROR: Encountered an exception[com.amazonaws.SdkClientException] from your LambdaFunction[arn:aws:lambda:MyRegion:MyAccount:function:MyFunction] executed in context[retrieving meta-data] with message[Unable to execute HTTP request: Connect to s3.amazonaws.com:443 [s3.amazonaws.com/54.231.192.16] failed: connect timed out]

This seems to be related to the s3 permissions, but I can't suss out where the mismatch is. Do I need a bucket policy? As a principal, I have access to all the s3 resources needed, permissions on Athena, and Lambda also. The Lambda seems to have the correct s3 permissions (read/write for the bucket and all objects in the bucket). Any insight would be helpful!

Thanks!

Temas
AnálisisSin servidorCálculoBase de datos
Etiquetas
Amazon AthenaAWS LambdaAmazon RDS en VMware
Idioma
English
AWS-User-1900218
preguntada hace 2 años1179 visualizaciones
2 Respuestas
2
Respuesta aceptada

It seems Lambda currently has no internet access. This is most likely because of your VPC configuration. You can check or setup a S3 VPC endpoint and try again.

AWS
Sanjay Aggarwal
respondido hace 2 años
  • AWS-User-1900218
    hace 2 años

    I set up an S3 VPC endpoint and did not get any change in the error. I used com.amazonaws.s3-global.accesspoint Are there specifics with the endpoint configuration I should look at?

  • AWS-User-1900218
    hace 2 años

    Figured it out - You need to selected the region specific service gateway. The Endpoint I mentioned above is an interface.

    After I started a new VPC Endpoint with com.amazonaws.us-east-1.s3 and associated it to my security group, a new line in my sg appeared pl-******** Then I could properly query from Athena.

    Thanks for the push in the right direction!

0

Root Cause: VPC have no internet connection issue, causing Lambda can't access S3.

Solution: Add VPC Gateway Endpoint in Lambda associated VPC.

rePost-User-2608598
respondido hace un año

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante