Sam Maradwi
07/20/2022, 4:29 PMbotocore.exceptions.ClientError: An error occurred (AccessDeniedException) when calling the GetSecretValue operation: User: arn:aws:sts::xxx:assumed-role/code_deployments-role/iddoc- is not authorized to perform: secretsmanager:GetSecretValue on resource: 4i-adl-config because no identity-based policy allows the secretsmanager:GetSecretValue action
Chris White
07/20/2022, 7:14 PMSam Maradwi
07/20/2022, 8:01 PMLogged in to Prefect Cloud tenant 'Default' (default)
Collecting flows...
Error loading '4i_ffs_vtapm_prvdr_rsp_process/4i_ffs_vtapm_prvdr_rsp_process.py':
Traceback (most recent call last):
File "/home/ec2-user/.local/lib/python3.7/site-packages/prefect/cli/build_register.py", line 134, in load_flows_from_script
namespace = runpy.run_path(abs_path, run_name="<flow>")
File "/usr/lib64/python3.7/runpy.py", line 263, in run_path
pkg_name=pkg_name, script_name=fname)
File "/usr/lib64/python3.7/runpy.py", line 96, in _run_module_code
mod_name, mod_spec, pkg_name, script_name)
File "/usr/lib64/python3.7/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/tmp/4i-prefect-flows/src/flows/4i_ffs_vtapm_prvdr_rsp_process/4i_ffs_vtapm_prvdr_rsp_process.py", line 62, in <module>
adl_secrets = adl_config.envConfig('4i-adl-config')
File "/tmp/4i-prefect-flows/src/flows/4i_ffs_vtapm_prvdr_rsp_process/4i_ffs_vtapm_prvdr_rsp_process.py", line 37, in envConfig
get_4i_adl_secret_value = client.get_secret_value(SecretId=secret_name)
File "/home/ec2-user/.local/lib/python3.7/site-packages/botocore/client.py", line 508, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/home/ec2-user/.local/lib/python3.7/site-packages/botocore/client.py", line 915, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (AccessDeniedException) when calling the GetSecretValue operation: User: arn:aws:sts::xxx:assumed-role/code_deployments-role/iddoc-test is not authorized to perform: secretsmanager:GetSecretValue on resource: 4i-adl-config because no identity-based policy allows the secretsmanager:GetSecretValue action
Kevin Kho
07/20/2022, 9:24 PMSam Maradwi
07/21/2022, 2:19 PMKevin Kho
07/21/2022, 2:22 PMSam Maradwi
07/21/2022, 2:39 PMKevin Kho
07/21/2022, 2:42 PMget_4i_adl_secret_value = client.get_secret_value(SecretId=secret_name)
which is not a Prefect line. Do you have this line in your code?Sam Maradwi
07/21/2022, 2:48 PMKevin Kho
07/21/2022, 2:51 PMflows/src/flows/4i_ffs_vtapm_prvdr_rsp_process/4i_ffs_vtapm_prvdr_rsp_process.py", line 37, in envConfig
get_4i_adl_secret_value = client.get_secret_value(SecretId=secret_name)
or are you importing in this line from somewhere?Sam Maradwi
07/21/2022, 2:54 PMKevin Kho
07/21/2022, 2:57 PMSam Maradwi
07/21/2022, 6:54 PM