How do you set up the AWS athena provider plugin I followed

Question

How do you set up the AWS athena provider plugin I followed <https docs flyte org en latest deployment plugins aws athena html deployment plugin setup aws athena> but I m not sure what `Ensure that the propeller has the correct service account for Athena ` means

Samhita Alla · Answer

Have you tried using the default service account Are you seeing any error

Laura Lin · Answer

this is using the default service account

Laura Lin · Answer

and yea `Error when trying to reconcile workflow Error failed at Node n0 RuntimeExecutionError failed during plugin execution caused by failed to execute handle for plugin athena operation error Athena StartQueryExecution failed to sign request failed to retrieve credentials failed to retrieve credentials operation error STS AssumeRoleWithWebIdentity https response error StatusCode 400 RequestID api error InvalidIdentityToken No OpenIDConnect provider found in your account for <https oidc eks us gov west 1 amazonaws com id >`

Kevin Su · Answer

need to update the role that propeller is using

Kevin Su · Answer

give it the permission to access the athena

Laura Lin · Answer

is that the AWS iam role or the service account

Kevin Su · Answer

aws Iam role

Laura Lin · Answer

I added <https console amazonaws us gov com iamv2 home region=us gov west 1 policies details arn 3Aaws us gov 3Aiam 3A 3Aaws 3Apolicy 2FAmazonAthenaFullAccess|AmazonAthenaFullAccess> to the iam role flyte and still running into that issue is there some weird refresh I need to do

Kevin Su · Answer

maybe try to restart the propeller

Laura Lin · Answer

did that too and still saw the error

Kevin Su · Answer

cc < Haytham Abuelfutuh>

Laura Lin · Answer

I m also just running the example job here <https docs flyte org projects cookbook en stable auto examples athena plugin athena html> The `no io` job

Laura Lin · Answer

not really sure what other explicit perms I need to add

Laura Lin · Answer

also added AWSQuicksightAthenaAccess to get the `athena StartQueryExecution` perms

Laura Lin · Answer

ive figured it out its cuz I was missing <https docs flyte org en latest deployment configuration generated flytepropeller config html aws config>

Kevin Su · Answer

does it work now

Laura Lin · Answer

yes

Samhita Alla · Answer

< Laura Lin> mind creating an issue If you could also contribute that d be amazing