I am unable to connect AWS Glue with RDS
VPC S3 endpoint validation failed for SubnetId: subnet-7e8a2. VPC: vpc-4d2d25.
Reason: Could not find S3 endpoint or NAT gateway for subnetId: subnet-7ea32 in Vpc vpc-4d225.
Could not find S3 endpoint or NAT gateway for subnetId
Asked Answered
Welcome to StackOverflow! For us to be able to assist with this question, you will need to provide more information. For example, what were you wanting to accomplish? What did you do that led to this error? Can you outline the exact steps you took? Feel free to edit the question with more details. –
Caton
Check that you have an Amazon S3 VPC endpoint set up, which is required with AWS Glue.
For more details on how to setup a S3 VPC endpoint please refer the following AWS documentation :
https://docs.aws.amazon.com/glue/latest/dg/vpc-endpoints-s3.html
This is the correct answer. Once you've created the endpoint, note that the route tables will not be created by default! You must add them yourself, and can inherit the ones used by the VPC if you wish. –
Oblige
@Oblige could you specify a bit more what I would need to add in the route table? –
Glacialist
@Glacialist you're lucky I've kept my notes for more than a year! The endpoint you create for the S3 bucket has route tables. They can inherit the route tables from the VPC that you created for Glue, though you can also just use a single subnet's range. –
Oblige
The mistake I was making is that I was setting up an endpoint for Glue and not S3. Check your VPC endpoint and make sure that it was created for S3.
This solved the problem for me:
https://aws.amazon.com/premiumsupport/knowledge-center/glue-s3-endpoint-validation-failed/
How do I troubleshoot the AWS Glue error "VPC S3 endpoint validation failed for SubnetId"?
You get this error when the following conditions are true:
- You're using an AWS Glue connection with your AWS Glue job or AWS Glue crawler.
- The subnet configured for your AWS Glue connection doesn't have an Amazon Simple Storage Service (Amazon S3) Virtual Private Cloud (VPC) endpoint or a NAT gateway setup.
Setting up an S3 VPC gateway endpoint
To set up an S3 VPC gateway endpoint, do the following:
- Open the Amazon VPC console.
- In the navigation pane, choose Endpoints.
- Choose Create Endpoint.
- For Service Name, select com.amazonaws.us-east-1.s3. Be sure that the Type column indicates Gateway. Note: Be sure to replace us-east-1 with the AWS Region of your choice.
- For VPC, select the VPC where you want to create the endpoint.
- For Configure route tables, a route to the S3 VPC endpoint is automatically added.
- For Policy, you can leave the default option Full Access.
- Choose Create Endpoint.
See this comment if you're having trouble with the route tables. –
Trude
Even after following the solution by @Dave Albert i was not successful
The Catch is: The route tables were not updated Follow the below steps accordingly to update the route tables
- Select the Endpoint where in the checkbox
- Actions > Click Manage Route Tables
- Select the checkbox with correct Route Table ID > Click Modify Route Tables
One of the possible reasons could be that the correct route table is not associated to your subnet.
Make sure your VPC endpoint for S3's route table containing the prefix list is associated to the subnet that is configured for your AWS Glue connection. You can check this to ensure proper subnet is listed in the "Associated Id" column on the "Route tables" tab of the lower pane. If you do not see your desired subnet, you can update it by clicking the "Action" button on the top, and selecting "Manage route tables" from the dropdown list.
S3 VPC Endpoint is NOT required for AWS Glue. When you are creating your crawlers, you can optionally define a connection. Or you can leave this part empty and it will work. If you added a connection and didn't do the correct settings, you might get the error you mentioned. See the screenshot.
NOTE: Above statement is for S3 data store. If you need to crawl an RDS database, then you need a connection. Based on your error message, I assume you used S3 as the data store.
© 2022 - 2024 — McMap. All rights reserved.