使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post

Using boto3 client redshift-data APIs in AWS Glue python shell job gives ConnectTimeoutError error

1

I am getting "ConnectTimeoutError: Connect timeout on endpoint URL: "https://redshift-data.us-east-1.amazonaws.com/" in AWS Glue python shell job when I am using boto3 clients redshift-data APIs. Below are the boto3 APIs I use in python script.

client = boto3.client('redshift-data')

response = client.execute_statement(
                    ClusterIdentifier=redshift_cluster,
                    Database=redshift_db,
                    DbUser=redshift_db_user,
                    Sql=sql,
                    StatementName=stmt_name)

response = client.list_statements(
            MaxResults=2,
            NextToken='',
            RoleLevel=True,
            StatementName=stmt_name,
            Status='ALL'
        )

I am not sure why boto3 client is trying to access "https://redshift-data.us-east-1.amazonaws.com/" endpoint. If I run this script local machine (after setting aws secrets in environment vars), it runs successfully. The issue appears only with Glue job.

The IAM role of Glue job has permissions AWSGlueServiceRole, AmazonRedshiftFullAccess, AmazonRedshiftAllCommandsFullAccess and AmazonRedshiftDataFullAccess.

Any body has idea about this?

主題
分析資料庫
標籤
AWS Glue提取轉換與載入資料Amazon Redshift
語言
English
rePost-User-8975127
已提問 2 年前檢視次數 1141 次
1 個回答
0

According to this AWS Documentation, we can understand that whenever you try to connect to Redshift programmatically then it will inherently make use of the endpoint depending upon your region.

  1. Please do ensure that a connection is attached to your Glue job such that it is able to reach the endpoint. You can add a network connection to your Glue job mentioning the VPC and subnet. Please do ensure that the Glue job has access to reach the redshift endpoint through the subnet mentioned. Please do attach a private subnet with NAT gateway to the Glue job.

  2. Make sure that security group attached to Glue job has a self referencing inbound rule.

  3. Make sure that the security group of redshift cluster is allowing inbound traffic from the security group of Glue job. If it is not, then add an inbound rule to the redshift cluster's security group.

Please refer this article for more details.

profile pictureAWS
支援工程師
Chaitu
已回答 2 年前
AWS
專家
Fabrizio@AWS
已審閱 2 年前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南

相關內容