- Newest
- Most votes
- Most comments
Thanks for asking.
The issue you might encounter could be related to the role not having the necessary S3 permissions. To resolve this, ensure that the role has the proper permissions. You can test this by granting it full S3 permissions, but make sure not to modify the regular service-role.
In a specific case, a customer managed policy named "AWSQuickSightS3Policy" was applied to the “aws-quicksight-service-role-v0.” To fix the issue, the solution was to manually add the relevant buckets to the permissions list for this policy. It's important to note that this policy wasn't applied to the consumers' role but to the service_role.
It might seem confusing that the issue was with the “aws-quicksight-service-role-v0” role. Access logs indicated that the “aws-quicksight-s3-consumers-role-v0” was the assumed role making the call to Athena/S3 and encountering the 403 error.
To check the specific costumer scenario visit this link.
You can find a helpful community forum for QuickSight-related questions here. Feel free to use this resource for any future inquiries you may have about QuickSight.
Relevant content
- asked 2 years ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated a month ago