Error with creating and querying QuickSight dataset
Hello team,
I am trying to generate dataset from Athena. After I selected desired table and use Custom SQL to query data, I faced error as shown below.
*An error has been thrown from the AWS Athena client.com.amazonaws.services.s3.model.AmazonS3Exception:forbidden *.
To fix this issue, I tried the instruction from https://repost.aws/knowledge-center/quicksight-permission-errors.
However, if i go to Athena, I can query the data without any problem.
What are the other ways to fix this issue?
- Newest
- Most votes
- Most comments
Thanks for asking.
The issue you might encounter could be related to the role not having the necessary S3 permissions. To resolve this, ensure that the role has the proper permissions. You can test this by granting it full S3 permissions, but make sure not to modify the regular service-role.
In a specific case, a customer managed policy named "AWSQuickSightS3Policy" was applied to the “aws-quicksight-service-role-v0.” To fix the issue, the solution was to manually add the relevant buckets to the permissions list for this policy. It's important to note that this policy wasn't applied to the consumers' role but to the service_role.
It might seem confusing that the issue was with the “aws-quicksight-service-role-v0” role. Access logs indicated that the “aws-quicksight-s3-consumers-role-v0” was the assumed role making the call to Athena/S3 and encountering the 403 error.
To check the specific costumer scenario visit this link.
You can find a helpful community forum for QuickSight-related questions here. Feel free to use this resource for any future inquiries you may have about QuickSight.
Relevant content
- asked a year ago
AWS OFFICIALUpdated 24 days ago- AWS OFFICIALUpdated 18 days ago
- AWS OFFICIALUpdated 11 days ago
- AWS OFFICIALUpdated a month ago
