stackoom
  简体   繁体   中英

AWS timestream-write gets "An error occurred (AccessDeniedException) when calling the DescribeEndpoints operation: This operation is not allowed."

 原文  2021-03-27 01:25:25       amazon-web-services/ amazon-timestream

Question

I am experimenting the AWS SDK for python to access Timestream. I tried their in house example code from the repository and I wrote my own code to create a database:

import boto3
from botocore.config import Config

client = boto3.client('timestream-write')

response = client.create_database(DatabaseName='test')

Both sample code and my own code got the following error:

AccessDeniedException: An error occurred (AccessDeniedException) when calling the DescribeEndpoints operation: This operation is not allowed.

I googled a bit, but I could not find any information about it. Thanks!

3 answers

solution1
 1 ACCPTED  2021-03-27 08:04:36

Timestream is currently only available in a handful of regions. Make sure the boto3 region configuration set the correct region to those eligible ones.

solution2
 0  2021-03-27 01:58:39

The credentials that you are using to interact with Timestream should use an IAM role that has has either an AWS managed policy or a custom policy that allow you to call timestream:DescribeEndpoints. See this page for an example: https://docs.aws.amazon.com/timestream/latest/developerguide/security_iam_id-based-policy-examples.html

Assuming you configured your environment to use the AWS CLI and ran aws configure , the IAM User that is tied to those credentials should be granted timestream:DescribeEndpoints. https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html

You may have gotten this permissions error because you are missing TableName, which is a required parameter. https://docs.aws.amazon.com/timestream/latest/developerguide/API_CreateTable.html

solution3
 0  2022-04-22 09:26:16

in your iam role add this permission policy

{
"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "VisualEditor0",
        "Effect": "Allow",
        "Action": [
            "timestream:DescribeEndpoints"
        ],
        "Resource": "*"
    }
] }

DescribeEndpoints is called bt sdk in case you defined endpoints interface like this in your vpc query-cell2.timestream..amazonaws.com.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question AccessDeniedException for the action that is allowed to a role by a policy on AWS timestream An error occurred (UnauthorizedOperation) when calling the DescribeLaunchTemplates operation? An error occurred (ClientException) when calling the DescribeTaskDefinition operation An error occurred (InvalidParameterException) when calling the PutSubscriptionFilter operation AWS S3 Boto3 Python - An error occurred (AccessDenied) when calling the DeleteObject operation: Access Denied AWS Lambda python boto3 dynamodb table scan - An error occurred (ValidationException) when calling the Scan operation: ExpressionAttributeNames AWS SAM: An error occurred (ValidationError) when calling the CreateChangeSet operation: Parameter 'MaxAllowedPacket' must be a number AWS System Manager start session: An error occurred (TargetNotConnected) when calling the StartSession operation: <instance_id> is not connected AWS Lambda: An error occurred (NoSuchKey) when calling the GetObject operation: The specified key does not exist AWS CLI S3 A client error (403) occurred when calling the HeadObject operation: Forbidden
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM