Closed sajohal closed 3 years ago
Is anyone looking into this please
sorry shouldn't have closed
Hello, we do not own the Athena JDBC driver (it's owned by the Athena service team itself). However, if it is working in DataGrip and not PyCharm, that seems to indicate the issue is with the DataGrip plugin which is slightly different than DataGrip itself. Additionally, could you link the YouTrack issue you filed? Did you post your PyCharm idea.log file to the ticket?
However the issue is with the AWS toolkit plugin I'm using within Pycharm. I've attached the idea.log file for Pycharm where I tried to perform the action at 18:33 GMT and cancelled it 3 minutes later.
I've also added the similar log file with Datagrip which was successful at 18:33 GMT
Hello, the AWS Toolkit Plugin does not offer any features around Athena, all of the UI and functionality is between the JDBC driver and Intellij.
Based on the logs, it seems like the plugin received a bad response which might indicate an issue with the JDBC driver itself, I have passed this bug report on to the service team that owns the JDBC driver.
Hi @hunterwerlla has there been any progress on this please or is there another bug on another board I need to follow?
hi @hunterwerlla any more update on this please
This issue can now be closed, Jetbrains support suggested reverting from AthenaJDBC42_2.0.9 to AthenaJDBC42 which now works
We wanted to use AWS Toolkit to support Athena because JDBC driver doesn't support 2fa authentication, it only allows static API keys.
I was led here by https://youtrack.jetbrains.com/issue/DBE-7300 - but the comments on this issue suggests AWS Toolkit is passing off responsibility to another internal team.
I don't really care how it happens, I just would like a way to use Athena with datagrip while using mfa/2fa. This requirement is becoming mandatory in many operating environments.
Should the Athena driver team re-implement all the authentication methods that are in AWS Toolkit? Or is it possible you could coordinate between teams?
Thanks for your consideration.
This doesn't work. I don't see the MFA dialog when testing the connection
[HY000][100131] [Simba][AthenaJDBC](100131) An error has been thrown from the AWS SDK client.
User: arn:aws:iam::111111111:user/USER is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::2222222:role/ROLE (Service: AWSSecurityTokenService; Status Code: 403; Error Code: AccessDenied;
Request ID: e9c4446d-7ceb-45ca-b054-31eb88353c43; Proxy: null) [Execution ID not available]
Permissions are fine from console/CLI
[default]
aws_access_key_id=...
aws_secret_access_key=...
#mfa_serial=arn:aws:iam::1111111:user/USER
region = us-east-1
[grip_de]
role_arn = arn:aws:iam::22222:role/ROLE
source_profile = default
parent_profile=default
mfa_serial = arn:aws:iam::1111111:mfa/USER
region = us-east-1
Describe the bug I can't get my pycharm to connect to our AWS but can in datagrip which is using the same driver. I've attached screenshots of both. I did raise with Jetbrains but suggested I post the bug here.
To reproduce
Expected behavior
Test should be successful
Screenshots
Your Environment
Additional context