AWS EMR Hue S3 File Browser not able to access AWS S3

0
votes

I have an EMR with Huw application and LDAP authentication.\n

i am following http://gethue.com/introducing-s3-support-in-hue/

i have setup ldap user aws profile and seeded hue.ini with aws key.

My ldap user is able to access s3 from EMR CLI using aws CLI .

i am using same ldap user to login into hue but hue s3 file browser is giving below error

Processing exception: S3 filesystem exception.: Traceback (most recent call last):
  File "/usr/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/core/handlers/base.py", line 112, in get_response
    response = wrapped_callback(request, callback_args, callback_kwargs)
  File "/usr/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/transaction.py", line 371, in inner
    return func(*args, kwargs)
  File "/usr/lib/hue/apps/filebrowser/src/filebrowser/views.py", line 214, in view
    raise PopupException(msg, detail=e)
PopupException: S3 filesystem exception.
**exceptions_renderable ERROR    Potential detail: Access Denied**
1
amazon-web-servicesamazon-s3amazon-emrhue

1 Answers

1
votes

This issue is resolved now

Version details are AWS EMR-5.7.0 , Hue 3.12.0.

emr-5.7.0 takes care of integrating of Hue with S3. S3 browser works given LDAP user, used in hue should should have permissions on bucket.

Problem in our case was that EMR was in a private VPC and when we opened up VPC endpoint policy to allow "s3:ListAllMyBuckets" for whole s3 for everyone, which hue s3 browser does it started working..

No change in hue.ini was required , No aws api Keys Needed , only VPC policy change fixed the issue.