Access denied when writing to location: s3://[bucket]/queryDailyInventory/Unsaved/2019/07/10/4da06507-a43f-4db0-bd46-81660e58fe35.txt
This query ran against the "default" database, unless qualified by the query. Please post the error message on our forum or contact customer support with Query Id: 4da06507-a43f-4db0-bd46-81660e58fe35.
大家好
以上是完整的报错信息,除删除了包含一些隐私信息的bucket name外,其他没有变化。这个存储桶是公共(public)的,我已经通过创建文件和文件夹来展示我对该存储桶的写入权限。但是,我的雅典娜查询设置为写入此文件夹(使用雅典娜控制台右上角的设置)。顺便说一下,我的 athena 控制台设置为 eu-west-1 以匹配存储桶的位置。
最佳答案
问:您用来访问 Athena 的政策如何?
Athena 可能需要对存储桶的简单 PutItem 写访问权限,如文档中所述。 [1]
托管策略 AmazonAthenaFullAccess 包含以下语句:
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:ListBucketMultipartUploads",
"s3:ListMultipartUploadParts",
"s3:AbortMultipartUpload",
"s3:CreateBucket",
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::aws-athena-query-results-*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::athena-examples*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Resource": [
"*"
]
}
注意:请根据您的bucket ARN调整资源名称(最后一条除外)。
[1] https://docs.aws.amazon.com/athena/latest/ug/amazonathenafullaccess-managed-policy.html
关于amazon-web-services - 为什么 Amazon Athena 会抛出 "Access denied when writing to location"错误?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/57006423/
相关文章:
angular - Ionic 4 - 在平台硬件后退按钮 android 上关闭或关闭模态
ios - 如果先前已加载某些网页,WKWebView 不会加载 .archive 文件
react-native - 位于 "node_modules/web3-eth-accounts/
django - 如何解决“"django.core.exceptions.AppRegistryN
java - 在非 View 或非 ViewModel 类中观察 LiveData
wordpress - 如何优化WP_Query(包括CPT和ACF)