By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Error when creating AWS Grafana workspace

0

I'm trying out a service called Grafana to display data from a Timestream database into a dashboard. I tried changing the IAM permissions and options, but I always get the following error message when I create workspace.

Error Your account is not allowed to perform the requested action. Please reach out to AWS support.

In the Chrome developer tool, an error message was displayed as follows.

POST https://grafana.ap-northeast-1.amazonaws.com/workspaces 403

Is there any way to solve this problem?

  • Authentication access : AWS IAM Identity Center
  • Permission Type : Service managed
  • VPC : None
  • Network access control : Open access
  • IAM Permission Access : Current account
  • Data source : Amazon Timestream
Topics
Management & GovernanceSecurity, Identity, & Compliance
Tags
Amazon GrafanaAWS IAM Identity Center
Language
English
mokpo4550
asked 7 months ago544 views
2 Answers
0
Accepted Answer

I solved my problem by referring to the URL below.

thread : https://repost.aws/questions/QUax41Q8N7TAeIkAy5bvzG7g/unable-to-start-cloudshell

I wrote an issue with AWS Support, and an hour later they responded and lifting usage restrictions.

  • Service: Account

  • Category: Other account issues

mokpo4550
answered 7 months ago
0

The error message you are encountering, "Your account is not allowed to perform the requested action. Please reach out to AWS support," indicates that there might be an issue with your AWS account permissions or configurations that is preventing you from creating the Grafana workspace. Here are some steps to troubleshoot and resolve this issue:

  1. Check IAM Permissions: Ensure that your AWS IAM user or role has the necessary permissions to create Grafana workspaces and access Amazon Timestream data. To do this:

    • Verify that your IAM user or role has the AmazonTimestreamFullAccess policy attached. This policy provides full access to Amazon Timestream.
    • Ensure that your IAM user or role has permissions to create Grafana workspaces. You can create a custom IAM policy with the necessary permissions and attach it to your user or role.

  2. Check Service Quotas: AWS services often have service quotas that limit the number of resources you can create or use. Check if there are any service quotas related to Grafana workspaces in your AWS account that might be exceeded. If so, you may need to request a quota increase from AWS Support.

  3. Region Compatibility: Ensure that the Grafana workspace and Amazon Timestream are both in the same AWS region. If they are in different regions, you may not be able to create the workspace.

  4. Check Grafana Configuration: Review your Grafana configuration, including the data source configuration for Amazon Timestream. Ensure that you have specified the correct AWS region, credentials, and other settings in Grafana to connect to Timestream.

  5. AWS Support Contact: If you've checked all of the above and the issue persists, the error message specifically mentions reaching out to AWS Support. This may be necessary if there is an account-level issue or if further troubleshooting is required. You can open a support ticket with AWS to get assistance with this specific issue.

  6. Verify AWS Account Status: Ensure that your AWS account is active and in good standing. Sometimes, account-related issues can lead to access problems.

  7. Check Browser and Network: Occasionally, browser issues or network problems can interfere with creating resources in AWS services. Try using a different web browser or network to see if that resolves the issue.

Remember to follow security best practices when configuring IAM permissions and ensure that you grant the least privilege necessary to perform the required actions. Avoid using overly permissive policies for IAM users or roles.

Narnacle
answered 7 months ago
  • mokpo4550
    7 months ago

    The same problem occurred even though both the root user and IAM user were given full access permissions. Even if I tried the method below, the same error message was displayed.

    • Change region to ap-northeast-2, ap-east-1, etc.
    • Do not check any data source (ex: Timestream)

    Are you currently using a basic support plan and is this limiting use of Grafana?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content