Amazon web services 使用AWS CLI调整红移群集大小的问题_Amazon Web Services_Amazon Redshift_Aws Cli

Amazon web services 使用AWS CLI调整红移群集大小的问题

amazon-web-services amazon-redshift

Amazon web services 使用AWS CLI调整红移群集大小的问题,amazon-web-services,amazon-redshift,aws-cli,Amazon Web Services,Amazon Redshift,Aws Cli,虽然，我已经解决了这个问题；但是在这里分享我的经验，这样如果有人陷入困境，这可能会对你有所帮助根据我们的用例，我们使用AWS提供的CLI定期调整AWS红移集群的大小我们曾经使用以下脚本： aws redshift modify-cluster --region=eu-west-1 --cluster-identifier test-cluster --node-type dc1.large --number-of-nodes 2 它抛出了以下错误： An error occurred (

虽然，我已经解决了这个问题；但是在这里分享我的经验，这样如果有人陷入困境，这可能会对你有所帮助

根据我们的用例，我们使用AWS提供的CLI定期调整AWS红移集群的大小

我们曾经使用以下脚本：

aws redshift modify-cluster  --region=eu-west-1 --cluster-identifier test-cluster --node-type dc1.large --number-of-nodes 2

它抛出了以下错误：

An error occurred (InternalFailure) when calling the ModifyCluster operation (reached max retries: 4): An internal error has occurred. Please try your query again at a later time.

我试着在谷歌上用一条错误信息进行搜索，但看不出多少信息。我已经检查了AWS密钥是否正确部署在我运行脚本的机器上

这里的问题是什么？为什么会这样？

我与AWS支持团队取得了联系。它提出了以下解决方案

我出错的原因是，当红移平台试图代表我的帐户进行描述VPC调用时，它得到了一个未经授权的异常，红移平台正在吞并并冒泡内部故障

我必须向一个IAM用户添加一个新的IAM策略，我正在使用该策略调整您的红移群集的大小

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "redshift:*",
                "ec2:DescribeAccountAttributes",
                "ec2:DescribeAddresses",
                "ec2:DescribeAvailabilityZones",
                "ec2:DescribeSecurityGroups",
                "ec2:DescribeSubnets",
                "ec2:DescribeVpcs",
                "ec2:DescribeInternetGateways",
                "sns:CreateTopic",
                "sns:Get*",
                "sns:List*",
                "cloudwatch:Describe*",
                "cloudwatch:Get*",
                "cloudwatch:List*",
                "cloudwatch:PutMetricAlarm",
                "cloudwatch:EnableAlarmActions",
                "cloudwatch:DisableAlarmActions"
            ],
            "Effect": "Allow",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "iam:CreateServiceLinkedRole",
            "Resource": "arn:aws:iam::*:role/aws-service-role/redshift.amazonaws.com/AWSServiceRoleForRedshift",
            "Condition": {
                "StringLike": {
                    "iam:AWSServiceName": "redshift.amazonaws.com"
                }
            }
        }
    ]
}

我联系了AWS支持团队。它提出了以下解决方案

我出错的原因是，当红移平台试图代表我的帐户进行描述VPC调用时，它得到了一个未经授权的异常，红移平台正在吞并并冒泡内部故障

我必须向一个IAM用户添加一个新的IAM策略，我正在使用该策略调整您的红移群集的大小

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "redshift:*",
                "ec2:DescribeAccountAttributes",
                "ec2:DescribeAddresses",
                "ec2:DescribeAvailabilityZones",
                "ec2:DescribeSecurityGroups",
                "ec2:DescribeSubnets",
                "ec2:DescribeVpcs",
                "ec2:DescribeInternetGateways",
                "sns:CreateTopic",
                "sns:Get*",
                "sns:List*",
                "cloudwatch:Describe*",
                "cloudwatch:Get*",
                "cloudwatch:List*",
                "cloudwatch:PutMetricAlarm",
                "cloudwatch:EnableAlarmActions",
                "cloudwatch:DisableAlarmActions"
            ],
            "Effect": "Allow",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "iam:CreateServiceLinkedRole",
            "Resource": "arn:aws:iam::*:role/aws-service-role/redshift.amazonaws.com/AWSServiceRoleForRedshift",
            "Condition": {
                "StringLike": {
                    "iam:AWSServiceName": "redshift.amazonaws.com"
                }
            }
        }
    ]
}