By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Athena Federated Query - Timing out on connect

1

Hello - I am accessing tables in an RDS Aurora Postgres by using an Athena Federated Query. The Lambda can access the postgres because it is reading the tables into the catalog in Athena, but when I try to query the data I get a timeout error.

GENERIC_USER_ERROR: Encountered an exception[com.amazonaws.SdkClientException] from your LambdaFunction[arn:aws:lambda:MyRegion:MyAccount:function:MyFunction] executed in context[retrieving meta-data] with message[Unable to execute HTTP request: Connect to s3.amazonaws.com:443 [s3.amazonaws.com/54.231.192.16] failed: connect timed out]

This seems to be related to the s3 permissions, but I can't suss out where the mismatch is. Do I need a bucket policy? As a principal, I have access to all the s3 resources needed, permissions on Athena, and Lambda also. The Lambda seems to have the correct s3 permissions (read/write for the bucket and all objects in the bucket). Any insight would be helpful!

Thanks!

Topics
AnalyticsServerlessComputeDatabase
Tags
Amazon AthenaAWS LambdaAmazon RDS on VMWare
Language
English
AWS-User-1900218
asked 2 years ago1159 views
2 Answers
2
Accepted Answer

It seems Lambda currently has no internet access. This is most likely because of your VPC configuration. You can check or setup a S3 VPC endpoint and try again.

AWS
Sanjay Aggarwal
answered 2 years ago
  • AWS-User-1900218
    2 years ago

    I set up an S3 VPC endpoint and did not get any change in the error. I used com.amazonaws.s3-global.accesspoint Are there specifics with the endpoint configuration I should look at?

  • AWS-User-1900218
    2 years ago

    Figured it out - You need to selected the region specific service gateway. The Endpoint I mentioned above is an interface.

    After I started a new VPC Endpoint with com.amazonaws.us-east-1.s3 and associated it to my security group, a new line in my sg appeared pl-******** Then I could properly query from Athena.

    Thanks for the push in the right direction!

0

Root Cause: VPC have no internet connection issue, causing Lambda can't access S3.

Solution: Add VPC Gateway Endpoint in Lambda associated VPC.

rePost-User-2608598
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content