I am trying to use Python, PyAthena, and SQLAlchemy to connect to Athena.
When trying to define a SQLAlchemy cursor:
from pyathena import connect
cursor = connect(
aws_access_key_id=aws_access_key,
aws_secret_access_key=aws_secret_key,
s3_staging_dir=s3_staging_dir,
region_name=aws_region,
schema_name=schema_name,
role_arn=aws_workgroup
).cursor()
I get this error:
ParamValidationError: Parameter validation failed:
Invalid length for parameter RoleArn, value: 14, valid min length: 20
The string for aws_workgroup, which is correct and I cannot change, is 14 characters long. I came across this issue in botocore from 2018, but it refers to aws-visualizer, and I don't know what that is or if I'm using it (or boto, for that matter).
If I remove role_arn from the cursor, that code will run, but then I get this permissions error when trying to execute a query:
DatabaseError: An error occurred (AccessDeniedException) when calling the StartQueryExecution operation:
You are not authorized to perform: athena:StartQueryExecution on the resource.
After your AWS administrator or you have updated your permissions, please try again.
I have verified the credentials in other applications, so it is not an issue with the credentials provided.
How do I fix the RoleArn error? Or is there another method to connect to Athena in Python that gets around this?