AWS firehose documentation change
Summary
Added error handling documentation including S3/Glue access denied errors
Security assessment
The added section explains how to troubleshoot security-related permissions issues (e.g., AccessDenied errors), enhancing security documentation but not directly fixing a vulnerability.
Diff
diff --git a/firehose/latest/dev/apache-iceberg-stream.md b/firehose/latest/dev/apache-iceberg-stream.md index 6e8f65ceb..fd3fe99bd 100644 --- a//firehose/latest/dev/apache-iceberg-stream.md +++ b//firehose/latest/dev/apache-iceberg-stream.md @@ -5 +5 @@ -Configure source and destinationConfigure data transformationConnect data catalogConfigure JQ expressionsConfigure unique keysSpecify retry durationHandle failed delivery or processingConfigure buffer hintsConfigure advanced settings +Configure source and destinationConfigure data transformationConnect data catalogConfigure JQ expressionsConfigure unique keysSpecify retry durationHandle failed delivery or processingHandle errorsConfigure buffer hintsConfigure advanced settings @@ -127,0 +128,13 @@ You must configure Firehose to deliver records to an S3 backup bucket in case it +## Handle errors + +Firehose sends all delivery errors to CloudWatch Logs, and Amazon S3 error buckets. + +List of errors: + +**Error Message** | ****Description**** +---|--- +`Iceberg.NoSuchTable` | Firehose is writing to a table that doesn't exist, or the table is not in V2 format. Firehose doesn't support tables in V1 format. +`Iceberg.InvalidTableName` | A null or empty table name is passed, or the table is not in V2 format. Firehosedoesn't support tables in V1 format. +`S3.AccessDenied` | Ensure that the IAM role created in the prerequisites step has the required permissions, and trust policy. +`Glue.AccessDenied` | Ensure that the IAM role created in the prerequisites step has the required permissions, and trust policy. +