S3 Access Denied when querying Glue Tables in Athena

0

I've loaded some CSV files from an S3 bucket into tables in a Glue DB. I'm trying to query the tables using Athena, but I keep getting this error:

com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: ZP23J6AS5MT0REB3; S3 Extended Request ID: Dy62uU4W+u7Wy1lU1MkmspQiJeVLIosj7lON99eRBE0sDnd4ihd2GqibyozpdmoXQlW/cPAXGqE=; Proxy: null)

There's also extended request ID that has the name of the S3 bucket and path. I'm not sure why I'm getting this because my AWSGlueServiceRole has the AmazonS3FullAccess policy attached to it. The S3 bucket is also designated as a data lake location, but I added the AWSLakeFormationDataAdmin policy to the role as well. Any assistance in troubleshooting is appreciated!

1 Resposta
0

Hi,

Since you are running Athena from the AWS console, you should make sure that the IAM user has the necessary permissions to access the source data S3 bucket and query result S3 bucket. Additionally, please check the S3 bucket policy to confirm that it doesn't explicitly deny access to the account and doesn't include conditions that might deny the requests.

Please also refer these articles for more hints:

https://repost.aws/knowledge-center/access-denied-athena

https://repost.aws/questions/QUSdbxE1dmQHuXATSic08ofg/athena-query-access-denied-when-writing-to-location-s3

Thanks, Rama

profile pictureAWS
Rama
respondido há 5 meses

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas