Failed To Download Analyzer Rules From Glue Assets S3 Path To /tmp/glue_app_analyzer_rules Extra Quality May 2026

1. Prabhakar Reddy's answer was correct; needed to add HTTPS (port 443) outbound rules on the ACL and the VPC. JoeJ. – JoeJ. 2020- Stack Overflow

The error typically occurs during AWS Glue Data Quality checks when the Glue worker cannot fetch your predefined DQDL rules from Amazon S3. This failure usually stems from network isolation or insufficient IAM permissions. Primary Causes and Fixes 1. Missing VPC S3 Gateway Endpoint – JoeJ

Update your execution role policy to include s3:GetObject and s3:ListBucket permissions for the specific bucket and prefix. Primary Causes and Fixes 1

Check that your Security Group outbound rules allow traffic to the S3 prefix list or all IPs on port 443. Troubleshooting Steps 1. Prabhakar Reddy's answer was correct

When running in a VPC, your Security Groups and Network Access Control Lists (ACLs) must allow outbound HTTPS (port 443) traffic to communicate with the S3 service.