[英]Fetching data from Athena and glue permissions
I am using the code listed here to query data using Athena https://gist.github.com/schledererj/b2e2a800998d61af2bbdd1cd50e08b76我正在使用此处列出的代码使用 Athena https://gist.github.com/schledererj/b2e2a800998d61af2bbdd1cd50e08b76查询数据
This needs the below policy to work -这需要以下政策才能起作用 -
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "BroadAccess",
"Action": [
"glue:GetTable",
"glue:GetPartitions"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
Why is permission required for Glue resources for this to work?为什么 Glue 资源需要许可才能工作?
Athena uses the Glue catalog to store all the information about databases and tables. 雅典娜使用Glue目录存储有关数据库和表的所有信息。 Athena itself is just the execution engine.
雅典娜本身只是执行引擎。 When you run a query in Athena it starts by parsing the SQL, then asking Glue about the tables that are included in the query, what columns they have, and where their data is located.
当您在Athena中运行查询时,它首先解析SQL,然后询问Glue有关查询中包含的表,它们具有哪些列以及它们的数据位于何处。 It uses this information to validate the query (do all the columns mentioned in the query exist, for example), and then it uses the data location(s) to plan the execution of the query.
它使用此信息来验证查询(例如,是否存在查询中提到的所有列),然后使用数据位置来计划查询的执行。
You can read all about how Athena and Glue work together in the Integration with AWS Glue document. 您可以在与AWS Glue集成文档中阅读有关Athena和Glue如何协同工作的所有信息。
I would not suggest using BroadAccess
operations as you want.我不建议您随意使用
BroadAccess
操作。 Take a look at this page " Fine-Grained Access to Databases and Tables in the AWS Glue Data Catalog " and find what are the permissions that your application need.查看此页面“ 对 AWS Glue 数据目录中的数据库和表进行精细访问”并找到您的应用程序需要的权限。 Then add on the
"Action": []
array property of your configuration.然后添加
"Action": []
配置的数组属性。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.