- 최신
- 최다 투표
- 가장 많은 댓글
The policy for your admin role will state what access you have to Quicksight and what you can do with Quicksight. For Quicksight to host a connection inside VPC, it requires an independent Execution role to what assigned to you as a user. The execution role has to have a trust policy assigned to it. Check the steps needed here: https://docs.aws.amazon.com/quicksight/latest/user/vpc-creating-a-connection-in-quicksight-console.html
Execution role– An IAM role that contains a trust policy that allows QuickSight to create, update, and delete network infrastructure in your account. This policy is required for all VPC connections. At minimum, the IAM policy needs the following Amazon EC2 permissions:
DescribeSecurityGroups
DescribeSubnets
CreateNetworkInterface
DeleteNetworkInterface
ModifyNetworkInterfaceAttribute
And trust Policy:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "quicksight.amazonaws.com" }, "Action": "sts:AssumeRole" } ] }
