Direkt zum Inhalt
Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post
Über re:Post

NoSQL Workbench not adding account when including Role ARN

0

Hello,

I noticed my No-SQL workbench connection which I had been using all up until now suddenly doesn't show my tables. I tried to re-add the connection (specifying my access key, secret, and role arn to assume), when I click add, it just goes back to the screen where I can add connections, but doesn't show my newly added connection. If I add only the access id and secret without the role arn, it indeed adds the connection, and I can see the tables from that base account. This used to work no problem with the role in question (which has admin rights to dynamo). Anyways, I made another role with just Dynamo full access and that still didn't work. There is nothing wrong with the account assuming the role in question, I tried it on the cli and it's definitely a full blown dynamo admin.

Any help would be appreciated

Themen
Datenbank
Tags
Amazon DynamoDB
Sprache
English
gefragt vor 4 Monaten80 Aufrufe
1 Antwort
0

It sounds like you're experiencing an issue with NoSQL Workbench when trying to connect using a role ARN. Based on the information provided, here are some potential solutions:

  1. When connecting to DynamoDB using NoSQL Workbench, the basic connection requires an account alias, AWS Region, access key ID, and secret access key. The role ARN appears to be causing the issue in your case.

  2. Since the connection works without the role ARN but fails when you include it, this suggests either:

  • There might be an issue with the trust relationship between your IAM User and the role
  • The permissions for assuming the role might be missing
  1. Try these troubleshooting steps:
  • Double-check the role ARN format to ensure it's correct
  • Verify that the trust policy on the role explicitly allows your base account/user to assume it
  • Confirm that your base user credentials have the necessary "sts:AssumeRole" permission on the target role ARN
  • Try using temporary credentials (with a session token) that already have the necessary DynamoDB permissions instead of role assumption
  • Check for AssumeRole events in CloudTrail to look for exceptions and errors.

Sources
Connecting to live datasets - Amazon DynamoDB

beantwortet vor 4 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Relevanter Inhalt