PyHive连接到Dataproc上的配置单元获得VPC\u服务\u控制权限\u被拒绝没有匹配的\u访问级别错误
我正在使用PyHive连接到Dataproc上的配置单元获得VPC\u服务\u控制权限\u被拒绝没有匹配的\u访问级别错误,hive,permission-denied,google-cloud-dataproc,vpc,pyhive,Hive,Permission Denied,Google Cloud Dataproc,Vpc,Pyhive,我正在使用pyhive连接到GCPDataproc上的配置单元。查询间歇性地成功和失败。这是问题之一。这件事发生在一次事故中 DROP TABLE IF EXISTS db_name.tb_name 客户端得到 Traceback (most recent call last): File "/usr/local/lib/python3.7/site-packages/thrift/transport/TSocket.py", line 154, in write
pyhiveDROP TABLE IF EXISTS db_name.tb_name
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/thrift/transport/TSocket.py", line 154, in write
plus = self.handle.send(buff)
BrokenPipeError: [Errno 32] Broken pipe
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
...
...
self._cursor.execute(sql, *args, **kwargs) # type: ignore
File "/usr/local/lib/python3.7/site-packages/pyhive/hive.py", line 356, in execute
self._reset_state()
File "/usr/local/lib/python3.7/site-packages/pyhive/hive.py", line 266, in _reset_state
response = self._connection.client.CloseOperation(request)
File "/usr/local/lib/python3.7/site-packages/TCLIService/TCLIService.py", line 651, in CloseOperation
self.send_CloseOperation(req)
File "/usr/local/lib/python3.7/site-packages/TCLIService/TCLIService.py", line 660, in send_CloseOperation
self._oprot.trans.flush()
File "/usr/local/lib/python3.7/site-packages/thrift_sasl/__init__.py", line 143, in flush
self._flushPlain(buffer)
File "/usr/local/lib/python3.7/site-packages/thrift_sasl/__init__.py", line 166, in _flushPlain
self._trans.write(struct.pack(">I", len(buffer)) + buffer)
File "/usr/local/lib/python3.7/site-packages/thrift/transport/TSocket.py", line 161, in write
raise TTransportException(message="unexpected exception", inner=e)
thrift.transport.TTransport.TTransportException: unexpected exception
{
"protoPayload": {
"@type": "type.googleapis.com/google.cloud.audit.AuditLog",
"status": {
"code": 7,
"message": "PERMISSION_DENIED",
"details": [
{
"@type": "type.googleapis.com/google.rpc.PreconditionFailure",
"violations": [
{
"type": "VPC_SERVICE_CONTROLS",
"description": "enVxsuY7TYqavK8rl_fwvgr3yn4-9bneHjDTtQFvton7C03R3sHaXA"
}
]
}
]
},
"authenticationInfo": {},
"requestMetadata": {
"callerIp": "73.252.204.93",
"requestAttributes": {},
"destinationAttributes": {}
},
"serviceName": "dataproc.googleapis.com",
"methodName": "google.cloud.dataproc.v1beta2.ClusterController.ListClusters",
"resourceName": "projects/xxx",
"metadata": {
"securityPolicyInfo": {
"servicePerimeterName": "accessPolicies/xxx/servicePerimeters/Production_Security_Zone",
"organizationId": "xxx"
},
"violationReason": "NO_MATCHING_ACCESS_LEVEL",
"ingressViolations": [
{
"servicePerimeter": "accessPolicies/xxx/servicePerimeters/Production_Security_Zone",
"targetResource": "xxx"
}
],
"@type": "type.googleapis.com/google.cloud.audit.VpcServiceControlAuditMetadata",
"resourceNames": [
"xxx"
],
"vpcServiceControlsUniqueId": "xxx",
"accessLevels": [
"no_matching_definitions"
]
}
},
"insertId": "xxx",
"resource": {
"type": "audited_resource",
"labels": {
"method": "google.cloud.dataproc.v1beta2.ClusterController.ListClusters",
"project_id": "xxx",
"service": "dataproc.googleapis.com"
}
},
"timestamp": "2021-03-13T08:09:35.213190134Z",
"severity": "ERROR",
"logName": "projects/xxx/logs/cloudaudit.googleapis.com%2Fpolicy",
"receiveTimestamp": "2021-03-13T08:09:35.968888182Z"
}