By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Using boto3 client redshift-data APIs in AWS Glue python shell job gives ConnectTimeoutError error

1

I am getting "ConnectTimeoutError: Connect timeout on endpoint URL: "https://redshift-data.us-east-1.amazonaws.com/" in AWS Glue python shell job when I am using boto3 clients redshift-data APIs. Below are the boto3 APIs I use in python script.

client = boto3.client('redshift-data')

response = client.execute_statement(
                    ClusterIdentifier=redshift_cluster,
                    Database=redshift_db,
                    DbUser=redshift_db_user,
                    Sql=sql,
                    StatementName=stmt_name)

response = client.list_statements(
            MaxResults=2,
            NextToken='',
            RoleLevel=True,
            StatementName=stmt_name,
            Status='ALL'
        )

I am not sure why boto3 client is trying to access "https://redshift-data.us-east-1.amazonaws.com/" endpoint. If I run this script local machine (after setting aws secrets in environment vars), it runs successfully. The issue appears only with Glue job.

The IAM role of Glue job has permissions AWSGlueServiceRole, AmazonRedshiftFullAccess, AmazonRedshiftAllCommandsFullAccess and AmazonRedshiftDataFullAccess.

Any body has idea about this?

Topics
AnalyticsDatabase
Tags
AWS GlueExtract Transform & Load DataAmazon Redshift
Language
English
rePost-User-8975127
asked 2 years ago1117 views
1 Answer
0

According to this AWS Documentation, we can understand that whenever you try to connect to Redshift programmatically then it will inherently make use of the endpoint depending upon your region.

  1. Please do ensure that a connection is attached to your Glue job such that it is able to reach the endpoint. You can add a network connection to your Glue job mentioning the VPC and subnet. Please do ensure that the Glue job has access to reach the redshift endpoint through the subnet mentioned. Please do attach a private subnet with NAT gateway to the Glue job.

  2. Make sure that security group attached to Glue job has a self referencing inbound rule.

  3. Make sure that the security group of redshift cluster is allowing inbound traffic from the security group of Glue job. If it is not, then add an inbound rule to the redshift cluster's security group.

Please refer this article for more details.

profile pictureAWS
SUPPORT ENGINEER
Chaitu
answered 2 years ago
AWS
EXPERT
Fabrizio@AWS
reviewed 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content