I tried to create an MWAA Environment.
But I couldn't because of this error.
Error: error creating MWAA Environment: ValidationException: Unable to check PublicAccessBlock configuration for the account MY AWS ACCOUNT ID: Access Denied (Service: S3Control, Status Code: 403, Request ID: B0C335WJPKE3X4N9, Extended Request ID: 0kRvvV6plctbztoNhIEmJkiQzS8gL4CCrNnLCSE+GCqUdLgkHVSuMQDxvsiBORmzONL1kHNtqkc=)
At first, I tried it using Terraform v0.14.3 and its AWS Provider v3.36.
After that, I tried the same using the AWS Management Console and faced the same error.
How can I solve the problem?
I'm not sure if it's related, but here are the policies attached to the execution role for the Environment.
Assume Role Policy:
Actions:
sts:AssumeRole
Principals:
Services = "airflow-env.amazonaws.com", "airflow.amazonaws.com"
Attached Policy:
Actions:
** s3:GetBucket**
** s3:GetObject**
** s3:List**
Resources:
arn:aws:s3:::BUCKET_NAME
arn:aws:s3:::BUCKET_NAME/*
Edited by: yuyatakeyama on Apr 11, 2021 10:55 AM