Hi
I have a data in S3 which is exposed from Glue Catalogue with a table. The Athena gives the following error when accessing this table.
HIVE_UNKNOWN_ERROR: com.amazonaws.services.lakeformation.model.InvalidInputException: Unable to assume role. Please verify Lake Formation has access to role arn:aws:iam::289301669695:role/aws-reserved/sso.amazonaws.com/eu-central-1/AWSReservedSSO_Admin_d6ea6773e5ad46b6 (Service: AWSLakeFormation; Status Code: 400; Error Code: InvalidInputException; Request ID: 93e11aa6-46e2-47bb-be99-4dddbc7bb820; Proxy: null)
Please note:
- My user is AWSReservedSSO_Admin_d6ea6773e5ad46b6 with admin/all access granted to access all resources (IAM policy = allow all resources)
- The catalogue table definition is here.
- The following grants are provided
The issue was that, the when the lake formation has created the datalake location, the role was not assigned to AWSServiceRoleForLakeFormationDataAccess