- Newest
- Most votes
- Most comments
I've seen this issue quite a few times myself. Here is how I'd troubleshoot this issue:
First check if glue job service role has write access to S3 bucket and if S3 bucket is SSE-KMS CMK encrypted, then you need to grant your glue job service that KMS key access too. Additionally make sure there are no explicit deny in KMS key policy and bucket policyl, otherwise you'll need to update KMS Key policy and bucket policy allowing glue job service role access to it.
If you have cloudtrail enabled for data events, query the cloudtrail data through Athena for that request id. Most likely you'll see that your glue job is trying to put/get/delete something from a random temp bucket. And if that would not be the case, then you'll se which bucket, what action is being denied. On that basis, add those permissions to your glue job service role and run the job again.
Additionally refer Encrypting data written by AWS Glue.
Hope you find this helpful.
Comment here if you have additional questions, happy to help.
Abhishek
Or he is just missing permission on the given bucket he's trying to write the final result.
Yes, absolutely that can be the reason. I should probably mention second part of my answer first. :) With glue, sometimes it becomes little intricate to find the actual cause since spark is involved. First thing is definitely check the s3 bucket and it's KMS key, if glue job service role has access to this bucket and it's KMS key, also make sure there are no explicit deny in KMS key and s3 bucket policy as well. But if that doesn't resolve the issue, then I'd suggest to check the cloudtrail and make sure you know that exact cause.
Were you able to find the cause of the issue. Do you have any additional questions, feel free to comment here.
Relevant content
- asked a year ago
- asked 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 2 years ago
Does the role attached to the glue job has permission to put objects on the desired bucket ?