英文:
AWS Glue JDBC Connection created using Cloud Formation is not setting the password
问题
如果我创建一个连接到RDS Aurora实例的Glue JDBC连接,连接不会正常工作,出现以下错误:InvalidInputException: 无法解析任何有效的连接。在AWS控制台中检查后,我发现CloudFormation没有设置Glue连接的密码。因此,连接无法正常工作。
以下是创建Glue连接的CloudFormation脚本:
GlueConn:
Type: "AWS::Glue::Connection"
Properties:
CatalogId: 6256161516
ConnectionInput:
Name: test-glue-conn
ConnectionProperties:
JDBC_CONNECTION_URL: "jdbc:postgresql://..." # 为了安全起见隐藏
JDBC_ENFORCE_SSL: "false"
PASSWORD: password
USERNAME: username
ConnectionType: JDBC
Description: "Glue Conn. for SO"
PhysicalConnectionRequirements:
AvailabilityZone: us-east-1
SubnetId: ahbnr9ow3qhjojngovbme # 为了安全起见隐藏
SecurityGroupIdList:
- jhwgq9748jhognjmovjo # 为了安全起见隐藏
在遵循https://stackoverflow.com/a/69474820/8992678提供的SO答案后,我在PhysicalConnectionRequirements下添加了AvailabilityZone。此外,我使用了AWS CLI来获取一个工作连接的详细信息,正如SO上建议的那样。
运行AWS CLI以获取Glue连接的详细信息后,我发现AWS在ConnectionProperties下添加了一个新的键KAFKA_SSL_ENABLED: "false"。尽管在AWS控制台中编辑此连接时我尚不能看到密码,但我能够将早期的错误解决为新的错误消息Failed to test connection test-conn due to FAILED status.,后来在一些后续测试中导致了Network error。
英文:
If I create a Glue JDBC connection to a RDS Aurora instance, the connection does not work with the following error: InvalidInputException: Unable to resolve any valid connection. After checking it in AWS Console, I found that the password for the Glue Connection is not getting set by CloudFormation. And so, the connection does not work.
Here's the CloudFormation script to create the Glue Connection:
GlueConn:
Type: "AWS::Glue::Connection"
Properties:
CatalogId: 6256161516
ConnectionInput:
Name: test-glue-conn
ConnectionProperties:
JDBC_CONNECTION_URL: "jdbc:postgresql://..." # Hidden for security
JDBC_ENFORCE_SSL: "false"
PASSWORD: password
USERNAME: username
ConnectionType: JDBC
Description: "Glue Conn. for SO"
PhysicalConnectionRequirements:
AvailabilityZone: us-east-1
SubnetId: ahbnr9ow3qhjojngovbme # Hidden for security
SecurityGroupIdList:
- jhwgq9748jhognjmovjo # Hidden for security
After following a SO answer given at https://stackoverflow.com/a/69474820/8992678, I added AvailabilityZone under PhysicalConnectionRequirements. Also, I used AWS CLI to get the details of a working connection as suggested on SO.
After running AWS CLI to get the details of a Glue Connection, I found that AWS was adding a new key KAFKA_SSL_ENABLED: "false" under ConnectionProperties. Though I could not see the password yet in AWS Console if I edit this connection, I was able to resolve the earlier error to a new error message Failed to test connection test-conn due to FAILED status., which later resulted in Network error on some later tests.
答案1
得分: 1
我猜测CloudFormation无法正确创建JDBC的Glue连接;也许这是AWS团队需要解决的新旧问题。我将提出一个AWS支持工单来解决这个问题;在听取他们的回复后,我会更新这个答案。
临时解决方案:与此同时,如果我使用AWS CLI创建或更新Glue连接,并使用相同的详细信息(包括密码),那么它可以正常工作。因此,我打算在CloudFormation脚本后添加一个额外的步骤,作为临时解决方案来运行AWS CLI,直到CloudFormation更好地支持它。
英文:
I guess CloudFormation cannot create a Glue Connection for JDBC correctly; maybe it's a new or old bug AWS team to work on. I will raise an AWS Support ticket regarding this issue; will update this answer after hearing from them.
Temporary solution: Meanwhile, If I create or update the Glue Connection using AWS CLI with the same details (including the password), then it works. So, I am going to add an additional step in CI/CD to run AWS CLI after the CloudFormation script as a temporary workaround until CloudFormation supports it better.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论