
Why do I get the AmazonS3Exception "Access Denied with Status Code: 403" in Amazon Athena when I query a bucket in another account?


I'm using Amazon Athena to query objects in an Amazon Simple Storage Service (Amazon S3) bucket that's in a different account. Some of the objects in the bucket are owned by a third account. I get the AmazonS3Exception "Access Denied with Status Code: 403" when I run the query.

Short description

Access denied errors commonly occur when you query logs that were written by another AWS service, such as AWS CloudTrail or Amazon Virtual Private Cloud (Amazon VPC). These services log events to Amazon S3. The bucket owner has full access to the S3 objects. The second account doesn't own the bucket or the objects. When the second account queries an Athena table that references these S3 objects, you get an access denied error.
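To confirm which objects are in this situation, the following added example (not part of the original article) groups keys by owner for every object that the bucket owner does not own. It assumes listings in the shape returned by ListObjectsV2 with `FetchOwner=True`; the function names, IDs and keys are constructed for illustration.

```python
from collections import defaultdict

def foreign_owned(pages, bucket_owner_id):
    """Group keys by owner ID for objects NOT owned by the bucket owner.

    pages: iterable of ListObjectsV2 response dicts requested with FetchOwner=True.
    bucket_owner_id: canonical user ID from GetBucketAcl()["Owner"]["ID"].
    """
    by_owner = defaultdict(list)
    for page in pages:
        # An empty page (no matching keys) has no "Contents" entry.
        for obj in page.get("Contents", []):
            owner_id = obj.get("Owner", {}).get("ID")
            if owner_id is None:
                # Owner is omitted when the listing was made without FetchOwner.
                by_owner["<owner not returned>"].append(obj["Key"])
            elif owner_id != bucket_owner_id:
                by_owner[owner_id].append(obj["Key"])
    return dict(by_owner)

def scan_bucket(bucket, prefix=""):
    """Live variant (hypothetical helper): needs boto3 plus permission to
    list the bucket and read its ACL."""
    import boto3  # imported lazily so the offline sample below runs without it
    s3 = boto3.client("s3")
    owner = s3.get_bucket_acl(Bucket=bucket)["Owner"]["ID"]
    pages = s3.get_paginator("list_objects_v2").paginate(
        Bucket=bucket, Prefix=prefix, FetchOwner=True)
    return foreign_owned(pages, owner)

# Constructed sample data: canonical IDs and keys are made up.
BUCKET_OWNER = "constructed-canonical-id-bucket-owner"
THIRD_ACCOUNT = "constructed-canonical-id-third-account"
SAMPLE_PAGES = [
    {"Contents": [
        {"Key": "AWSLogs/111111111111/CloudTrail/a.json.gz", "Owner": {"ID": BUCKET_OWNER}},
        {"Key": "AWSLogs/333333333333/CloudTrail/b.json.gz", "Owner": {"ID": THIRD_ACCOUNT}},
    ]},
    {"Contents": [
        {"Key": "AWSLogs/333333333333/CloudTrail/c.json.gz", "Owner": {"ID": THIRD_ACCOUNT}},
        {"Key": "exports/d.csv"},  # listed without owner information
    ]},
    {},  # empty final page
]

if __name__ == "__main__":
    for owner, keys in foreign_owned(SAMPLE_PAGES, BUCKET_OWNER).items():
        print(owner, len(keys), keys[:3])
```

Prefixes that appear in the result are the ones an Athena table location is likely to fail on for the querying account.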

Resolution

It's not possible to transfer ownership of Amazon S3 objects. Instead, choose one of the following options:

Related information

Why can't I access an object that was uploaded to my Amazon S3 bucket by another AWS account?

How do I transfer the ownership of an Amazon S3 bucket to a different AWS account?

How do I resolve "Access Denied" permission errors when I run a query in Amazon Athena?

AWS OFFICIAL. Updated 5 months ago