-
Notifications
You must be signed in to change notification settings - Fork 39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Databricks permission issue to access S3 #1744
Comments
Hey @sunank200 what is this airflow instance? this doesn't appear to be a part of our CI/CD? Do we need to upload creds separately to this perhaps? |
@dimberman This URL is of astro-cloud as part of running example DAGs on astro-cloud. On astro cloud it's @rajaths010494 's credential. Can you confirm @rajaths010494 ? But this happens on CI/CD as well. For example https://github.com/astronomer/astro-sdk/actions/runs/4132642982/jobs/7141598599 This seems flaky. |
Yeah, the credentials are mine used in Astro cloud. |
@dimberman will be giving KT on databricks this week and cover this as well |
When I run this DAG locally with personal creds it runs fine, but fails in CI #1585. My best guess is that the credentials are expired for S3. I'm gonna let this run one more time and if it fails I'm going to cycle the creds. |
Do we have any alternatives to using personal credentials to run Databricks on the CI? |
@tatiana not yet, but we can discuss in our 1:1 |
any update on this? |
@tatiana @dimberman have we explored any alternatives on the solution? For example using IAM passthrough this may be an option |
@phanikumv I'd be happy with that! The sooner we can close this ticket and #1585, the better. |
I looked up for this here https://kb.databricks.com/en_US/security/forbidden-access-to-s3-data They are suggesting to use IAM roles instead of IAM keys. We might want to try this. |
Describe the bug
Currently, the CI is failing for Databricks. More details can be found at: https://astronomer.astronomer.run/dhb539ck/log?dag_id=example_load_file&task_id=load_file__23&execution_date=2023-02-08T00%3A00%3A00%2B00%3A00&map_index=-1
The text was updated successfully, but these errors were encountered: