En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Athena Federated Query - Timing out on connect

1

Hello - I am accessing tables in an RDS Aurora Postgres by using an Athena Federated Query. The Lambda can access the postgres because it is reading the tables into the catalog in Athena, but when I try to query the data I get a timeout error.

GENERIC_USER_ERROR: Encountered an exception[com.amazonaws.SdkClientException] from your LambdaFunction[arn:aws:lambda:MyRegion:MyAccount:function:MyFunction] executed in context[retrieving meta-data] with message[Unable to execute HTTP request: Connect to s3.amazonaws.com:443 [s3.amazonaws.com/54.231.192.16] failed: connect timed out]

This seems to be related to the s3 permissions, but I can't suss out where the mismatch is. Do I need a bucket policy? As a principal, I have access to all the s3 resources needed, permissions on Athena, and Lambda also. The Lambda seems to have the correct s3 permissions (read/write for the bucket and all objects in the bucket). Any insight would be helpful!

Thanks!

Sujets
AnalytiqueSans serveurCalculBase de données
Balises
Amazon AthenaAWS LambdaAmazon RDS on VMWare
Langue
English
AWS-User-1900218
demandé il y a 2 ans1179 vues
2 réponses
2
Réponse acceptée

It seems Lambda currently has no internet access. This is most likely because of your VPC configuration. You can check or setup a S3 VPC endpoint and try again.

AWS
Sanjay Aggarwal
répondu il y a 2 ans
  • AWS-User-1900218
    il y a 2 ans

    I set up an S3 VPC endpoint and did not get any change in the error. I used com.amazonaws.s3-global.accesspoint Are there specifics with the endpoint configuration I should look at?

  • AWS-User-1900218
    il y a 2 ans

    Figured it out - You need to selected the region specific service gateway. The Endpoint I mentioned above is an interface.

    After I started a new VPC Endpoint with com.amazonaws.us-east-1.s3 and associated it to my security group, a new line in my sg appeared pl-******** Then I could properly query from Athena.

    Thanks for the push in the right direction!

0

Root Cause: VPC have no internet connection issue, causing Lambda can't access S3.

Solution: Add VPC Gateway Endpoint in Lambda associated VPC.

rePost-User-2608598
répondu il y a un an

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents