Dremio setup error : Failed to get policy document to validate permissions

hchoudhary · September 5, 2023, 9:08am

I am trying to setup dremio on ec2 in eu-central-1 region using market place AMI - “ami-054babf5407cc1456”.
I have setup IAM profile for the instance and security groups as described in the documentation - Configuring AWS IAM Permissions and IAM Roles | Dremio Documentation

I see this error,

2023-09-05 09:00:33,176 [qtp332498651-20] INFO  c.d.d.validator.AwsProjectValidator - Failed to get policy document to validate permissions, Unable to execute HTTP request: Received close_notify during handshake

I suspect dremio tries to access AWS api via global endpoints like - sts.amazonaws.com, but I would like to know if I can start dremio with extra arguments or env variables to enforce regional endpoints like - sts.eu-central-1.amazonaws.com ?

balaji.ramaswamy · September 5, 2023, 5:54pm

@hchoudhary Did you try to refresh the page? There is currently no way to configure or enforce the regional endpoints

hchoudhary · September 6, 2023, 11:09am

Hi @balaji.ramaswamy , thanks for your response. i have tried to refresh couple of times but I have the same error.
Is it possible to enable extra verbose logging so I can see some more info at /var/log/dremio/server.log

balaji.ramaswamy · September 6, 2023, 8:28pm

@hchoudhary Not sure if the verbose logging will help, as I said there is currently no way to configure or enforce the regional endpoints

You can open logback.xml under the conf folder and enable both com.dremio and root logger to debug, make sure to set back to original value after the troubleshooting is done

Note; Good idea to make a copy of logback.xml so you can just put it back