CloudFormation template for DataZone EnvironmentProfile


So I am trying to create a DataZone environment profile through a CloudFormation template. I was able to create the DataZone domain and project successfully through CFT. I have done the Environment Blueprint Configuration (DefaultDataLake) manually, where I have created the manage access role and Provisioning role. I have also given the required policy to the manage access role, and added the manage policy role in Lake Formation (AWS Lake Formation > Administrative roles and tasks). Whenever I create the environment profile and environment through the AWS console, they are created successfully, but whenever I try it through CFT it gives me an error [User is not permitted to perform operation: CreateEnvironmentProfile (Service: DataZone, Status Code: 403,]

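AWSTemplateFormatVersion: '2010-09-09'
Description: Datazone environment

Resources:
  # Logical ID is a placeholder; the original snippet omitted it
  EnvironmentProfile:
    Type: AWS::DataZone::EnvironmentProfile
    Properties:
      # Quoted placeholders: an unquoted value starting with '#' is a YAML comment
      AwsAccountId: "#accountID"
      AwsAccountRegion: us-east-2
      DomainIdentifier: "#domainidentifier"
      EnvironmentBlueprintIdentifier: DefaultDataLake
      Name: "#environmentprofilename"
      ProjectIdentifier: "#projectname"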


1 Answer


As you might already know, when we create resources from CloudFormation, we get an option to provide an IAM role for CloudFormation to assume to spin up the resources. If not provided, the role that you are logged into the AWS console as will be used for this. If you are indeed passing a role to CloudFormation to assume, can you please review that first?

Also, what you can do to troubleshoot effectively is navigate to the CloudTrail console and compare the CloudTrail event on the API call "CreateEnvironmentProfile" when it is being performed from the console and from CFT. This might point us to any potential difference between the API calls.

Thank you!

answered 5 months ago
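
The comparison suggested in the answer above can be scripted once both CloudTrail records have been exported as JSON. This is an added example, not code from the thread; the two sample records, the account ID, role names, parameter values and error code are constructed, and the helper names `dig` and `diff_events` are hypothetical.

```python
import json

# CloudTrail record fields that show who made the call and what was sent.
FIELDS = [
    "userIdentity.type",
    "userIdentity.arn",
    "userIdentity.sessionContext.sessionIssuer.arn",
    "userIdentity.invokedBy",
    "userAgent",
    "errorCode",
    "requestParameters",
]

def dig(record, dotted):
    """Follow a dotted path through nested dicts; None if a key is missing."""
    cur = record
    for key in dotted.split("."):
        if not isinstance(cur, dict) or key not in cur:
            return None
        cur = cur[key]
    return cur

def diff_events(console_evt, cfn_evt, name="CreateEnvironmentProfile"):
    """Return {field: (console_value, cfn_value)} for the fields that differ."""
    for evt in (console_evt, cfn_evt):
        if evt.get("eventName") != name:
            raise ValueError(f"not a {name} event: {evt.get('eventName')!r}")
    pairs = {f: (dig(console_evt, f), dig(cfn_evt, f)) for f in FIELDS}
    return {f: p for f, p in pairs.items() if p[0] != p[1]}

# Constructed sample records: every value below is made up for illustration.
_PARAMS = {"domainIdentifier": "dzd_EXAMPLE", "name": "example-profile"}
_ACCT = "111122223333"
CONSOLE_EVENT = {
    "eventSource": "datazone.amazonaws.com", "eventName": "CreateEnvironmentProfile",
    "userAgent": "console.amazonaws.com", "requestParameters": _PARAMS,
    "userIdentity": {"type": "AssumedRole",
        "arn": f"arn:aws:sts::{_ACCT}:assumed-role/ExampleAdmin/alice",
        "sessionContext": {"sessionIssuer": {"arn": f"arn:aws:iam::{_ACCT}:role/ExampleAdmin"}}},
}
CFN_EVENT = {
    "eventSource": "datazone.amazonaws.com", "eventName": "CreateEnvironmentProfile",
    "userAgent": "cloudformation.amazonaws.com", "requestParameters": _PARAMS,
    "errorCode": "AccessDenied",
    "userIdentity": {"type": "AssumedRole", "invokedBy": "cloudformation.amazonaws.com",
        "arn": f"arn:aws:sts::{_ACCT}:assumed-role/ExampleCfnRole/AWSCloudFormation",
        "sessionContext": {"sessionIssuer": {"arn": f"arn:aws:iam::{_ACCT}:role/ExampleCfnRole"}}},
}

if __name__ == "__main__":
    for field, (console, cfn) in diff_events(CONSOLE_EVENT, CFN_EVENT).items():
        print(f"{field}\n  console: {json.dumps(console)}\n  cfn:     {json.dumps(cfn)}")
```

A differing `sessionIssuer.arn` with identical `requestParameters` means the two calls were made by different principals, which is the first thing the answer asks to review.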
