Databricks Community

patrykp · ‎03-04-2025

Hi

I am trying to establish a method of accessing secrets from AWS Secrets Manager and understand this can be done with boto as suggested from AWS.

We have created all of the relevant IAM roles, instance profiles etc. Accessing S3 with this method is working well.

However, whenever I try to interact with Secrets Manager I keep getting the
"NoCredentialsError: Unable to locate credentials" error.

The role assigned to the EC2 after creation has the relevant permission to read/write from Secrets Manager.

I'm at a dead end and appreciate any help.

Many Thanks

Example code:

import boto3

session = boto3.Session(region_name=region_name)

# Create a Secrets Manager client using instance profile/IAM role

client = session.client(service_name='secretsmanager')

# Get the secret value

response = client.get_secret_value(

SecretId=secret_id

)

Alberto_Umana · ‎03-04-2025

Hi @patrykp,

Verify that the attached IAM policy includes the necessary secretsmanager:GetSecretValue, secretsmanager:ListSecrets

patrykp · ‎03-04-2025

Hi @Alberto_Umana,

Yes, the Role has the SecretsManagerReadWrite policy.

Also within my furthet investigation I tried running it via Personal Cluster and it worked!

Basically, 3 scenarios:

- Shared Cluster with applied InstanceProfile - Secrets failing
- Personal without InstanceProfile applied - Secrets failing
- Shared Cluster with applied InstanceProfile - Secrets received succesfully.

So I guess problem is with the Access mode of the cluster? Cannot find anything related to that in the docs.

Databricks Community

AWS Secrets Manager access

Photos

Join Us as a Local Community Builder!

Announcing the APJ Databricks Smart Business Insights Challenge: Empowering Data-Driven Decision Mak

🚀 Monthly Databricks Get Started Days – Accelerate Your Learning Journey! 🚀

Business Intelligence in the Era of AI

Virtual Learning Festival: 9 April - 30 April

Data + AI Summit 2025 — registration now open!