When I execute Amazon Athena queries in SQL Workbench/J, in AWS Lambda, or with an AWS SDK, I get the error: "Unable to verify/create output bucket."

This error happens when you don't have permission to write to the Amazon Simple Storage Service (Amazon S3) bucket where the Athena query results are stored. Be sure that your AWS Identity and Access Management (IAM) policy has the required permissions, such as s3:GetBucketLocation.

Confirm that the permissions in the following example policy are allowed in the IAM policy for the user or role that is executing the query. Be sure that the IAM policy does not contain a Deny statement that uses aws:SourceIp or aws:SourceVpc to restrict S3 permissions.

Note: The s3:CreateBucket permission isn't required if the bucket already exists. The arn:aws:s3:::aws-athena-query-results-* permission isn't required if you manually set the query result location. The arn:aws:s3:::query-results-custom-bucket and arn:aws:s3:::query-results-custom-bucket/* permissions are required only if you manually set the query result location.

{
  "Version": "2012-10-17",
  "Statement": {
    "Effect": "Allow",
    "Action": [
      "s3:GetBucketLocation",
      "s3:GetObject",
      "s3:ListBucket",
      "s3:ListBucketMultipartUploads",
      "s3:ListMultipartUploadParts",
      "s3:AbortMultipartUpload",
      "s3:CreateBucket",
      "s3:PutObject"
      ],
    "Resource": [
      "arn:aws:s3:::aws-athena-query-results-*",
      "arn:aws:s3:::query-results-custom-bucket",
      "arn:aws:s3:::query-results-custom-bucket/*"
        ]
      }
    }
  }
}

Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center

Published: 2019-02-22