[英]Programmatically using the AWS CLI to determine whether an Amazon Redshift cluster is deleted
[英]Issue resizing Redshift cluster using AWS CLI
虽然,我已经解决了这个问题。 但请在这里分享我的经验,以便在有人被卡住的情况下对您有所帮助。
根据我们的用例,我们过去经常使用AWS提供的CLI来定期调整AWS Redshift集群的大小。
我们曾经使用以下脚本:
aws redshift modify-cluster --region=eu-west-1 --cluster-identifier test-cluster --node-type dc1.large --number-of-nodes 2
它抛出以下错误:
An error occurred (InternalFailure) when calling the ModifyCluster operation (reached max retries: 4): An internal error has occurred. Please try your query again at a later time.
我尝试使用Google上的错误消息进行搜索,但无法获取太多信息。 我已检查AWS密钥是否已正确部署在运行脚本的计算机上。
这是什么问题,为什么会发生?
我与AWS支持团队联系。 它提出了以下解决方案
我出错的原因是当redshift平台试图代表我的帐户进行描述性VPC调用时,它收到了未经授权的异常,Redshift平台吞并了内部故障。
我必须向用来调整Redshift群集大小的IAM用户添加新的IAM策略。
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"redshift:*",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeInternetGateways",
"sns:CreateTopic",
"sns:Get*",
"sns:List*",
"cloudwatch:Describe*",
"cloudwatch:Get*",
"cloudwatch:List*",
"cloudwatch:PutMetricAlarm",
"cloudwatch:EnableAlarmActions",
"cloudwatch:DisableAlarmActions"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "iam:CreateServiceLinkedRole",
"Resource": "arn:aws:iam::*:role/aws-service-role/redshift.amazonaws.com/AWSServiceRoleForRedshift",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "redshift.amazonaws.com"
}
}
}
]
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.