AWS Glue - Python Shell Jobs Secret Manager Connectivity Issues

Question

I am using Python Shell Jobs under AWS Glue which has boto3 and a few other libraries built-in . I am facing issues trying to access the secrets manager to get credentials to my RDS instance running Mysql , the job keeps running forever without any (error/success) message nor does it time out .

Below is the simple code that runs even from my local or a lambda for Python3.7 but not in Python Shell GLUE ,

import boto3
import base64
from botocore.exceptions import ClientError

secret_name = "secret_name"
region_name = "eu-west-1"

session = boto3.session.Session()

client = session.client(
    service_name='secretsmanager',
    region_name=region_name
)

get_secret_value_response = client.get_secret_value(SecretId=secret_name)
print(get_secret_value_response)

Would be very helpful if someone could point out if anything needs to be done additionally in Python Shell jobs under AWS Glue in order to access the secret manager credentials .

did you check the cloud watch logs? what is the exception/error that you are getting, can you please provide more info. Maybe the python code is missing base64 library? We are using secret manager in AWS Glue Pyspark environment, and its working perfectly. — Yuva

Abdelrahman Maharek Abdelrahman Maharek · Accepted Answer · 2020-04-13T15:55:59

Make sure the IAM role used by the Glue Job has the policy SecretsManagerReadWrite

Also AWSGlueServiceRole and AmazonS3FullAccess According to the documentation

AWS Glue - Python Shell Jobs Secret Manager Connectivity Issues

2 Answers