- Mais recentes
- Mais votos
- Mais comentários
I wanted to give an update in case anyone else has the same issue.
The problem was not with the configuration I detailed in my main post, but with the way we were trying to connect using boto3 (aws SDK for Python). Since we need to assume a role (programmatically) we also needed to use that role's credentials to generate the token (using the generate_auth_token method).
This is explained here: https://repost.aws/knowledge-center/lambda-function-assume-iam-role
Try adding the rds-db:connect permission to the Glue role in Account A. If you look at the following, it shows that the permission needs to be allowed in both accounts.
Cross-account policy evaluation logic
Second suggestion: Could it be related to this? You mentioned IP addresses. https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html#UsingWithRDS.IAMDBAuth.GlobalContextKeys
Conteúdo relevante
- AWS OFICIALAtualizada há um ano
Hi Kentrad
I've just tried that and I'm still getting the same issue