https://flyte.org
Join Slack
Menu
Home
Archive
How do you set up the AWS athena provider/plugin? I followed <https://docs.flyte.org/en/latest/deplo...
# flyte-deployment
n
How do you set up the AWS athena provider/plugin? I followed https://docs.flyte.org/en/latest/deployment/plugins/aws/athena.html#deployment-plugin-setup-aws-athena but I'm not sure what 
Ensure that the propeller has the correct service account for Athena.
means
t
Have you tried using the default service account? Are you seeing any error?
n
this is using the default service account
and yea, 
Error when trying to reconcile workflow. Error [failed at Node[n0]. RuntimeExecutionError: failed during plugin execution, caused by: failed to execute handle for plugin [athena]: operation error Athena: StartQueryExecution, failed to sign request: failed to retrieve credentials: failed to retrieve credentials, operation error STS: AssumeRoleWithWebIdentity, https response error StatusCode: 400, RequestID: , api error InvalidIdentityToken: No OpenIDConnect provider found in your account for <https://oidc.eks.us-gov-west-1.amazonaws.com/id/>
g
need to update the role that propeller is using
give it the permission to access the athena
n
is that the AWS iam role? or the service account
g
aws Iam role
n
I added AmazonAthenaFullAccess to the iam-role-flyte. and still running into that issue. is there some weird refresh I need to do?
g
maybe try to restart the propeller
n
did that too and still saw the error
g
cc @high-park-82026
n
not really sure what other explicit perms I need to add.
also added AWSQuicksightAthenaAccess to get the 
athena:StartQueryExecution
perms
g
does it work now?
n
yes
t
@numerous-hamburger-7178, mind creating an issue? If you could also contribute, that'd be amazing!
21 Views
Open in Slack
PreviousNext
Powered by

Flyte

Flyte enables production-grade orchestration for machine learning workflows and data processing created to accelerate local workflows to production.

Powered by