Aucune réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
Contenus pertinents
- demandé il y a un an
- Réponse acceptéedemandé il y a un an
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 3 ans
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 3 ans
Could you explain why you are unable to provide S3 s3:GetObject", "s3:PutObject", "s3:DeleteObject" permission to the S3 bucket you are planning to read or write from Glue? Typical guidance is to create IAM policy for Glue service and attach to Glue Service Role
I pass the source and target dynamically via job attributes. As the job is used by different tenants, for security, each tenant can access only to their source and targets, that's why I can't give the permission directly to the glue role, otherwise a tenant could read/write to a different tenant, whilst passing the credentials, the job would be able to access only to the tenant locations