By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Amazon Personalize - Insufficient privileges for accessing data in S3 when creating dataset import job

0

Hi everyone,

I'm trying to use Amazon Personalize and i'm stuck at creating dataset import job

This is my IAM Role & S3 Bucket policy

IAM Role IAM Role - Trust entities S3 Bucket Policy

I tried many times but still errors. Insufficient privileges for accessing data in S3. Please look at https://docs.aws.amazon.com/personalize/latest/dg/granting-personalize-s3-access.html and ensure your role is configured correctly.

I've following this guideline but no luck. https://cloud.contentraven.com/Embedded?oid=qddMi73E6Fhc/38Xw8a0xQ__&cid=IsleNFg3Qjk_

Is there anyone has experience about it can support me ? Thanks

Topics
Machine Learning & AIStorage
Tags
Amazon PersonalizeAmazon S3 Access Grants
Language
English
AWS-User-8719096
asked 9 months ago197 views
5 Answers
1

Hello.

Why not try temporarily setting the "AmazonS3FullAccess" policy and see if it works?
If you set the "AmazonS3FullAccess" policy and it works, it means that you do not have enough IAM policies to operate S3.
https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AmazonS3FullAccess.html

profile picture
EXPERT
Riku_Kobayashi
answered 9 months ago
profile picture
EXPERT
Oleksii Bebych
reviewed 9 months ago
  • AWS-User-8719096
    9 months ago

    Hi @Riku_Kobayashi, i've tried "AmazonS3FullAccess" policy , but it's not working. You can see my answer below

  • Riku_Kobayashi EXPERT
    9 months ago

    Why not try loosening the settings in the S3 bucket policy as shown below?

    {
  "Version": "2012-10-17",
  "Id": "PersonalizeS3BucketAccessPolicy",
  "Statement": [
    {
      "Sid": "PersonalizeS3BucketAccessPolicy",
      "Effect": "Allow",
      "Principal": {
        "Service": "personalize.amazonaws.com"
      },
      "Action": [
        "s3:*"
      ],
      "Resource": [
        "arn:aws:s3:::DOC-EXAMPLE-BUCKET",
        "arn:aws:s3:::DOC-EXAMPLE_BUCKET/*"
      ]
    }
  ]
}
  • AWS-User-8719096
    9 months ago

    Hi @Riku_Kobayashi i just updated the S3 bucket policy but still same error. You can see my answer below

  • Riku_Kobayashi EXPERT
    9 months ago

    I also tried setting it up with my AWS account, but the input was successful. a
    "AmazonPersonalizeFullAccess" is set for the IAM role. The bucket policy is as follows.

    {
    "Version": "2012-10-17",
    "Id": "PersonalizeS3BucketAccessPolicy",
    "Statement": [
        {
            "Sid": "PersonalizeS3BucketAccessPolicy",
            "Effect": "Allow",
            "Principal": {
                "Service": "personalize.amazonaws.com"
            },
            "Action": [
                "s3:GetObject",
                "s3:ListBucket",
                "s3:PutObject"
            ],
            "Resource": [
                "arn:aws:s3:::DOC-EXAMPLE-BUCKET",
                "arn:aws:s3:::DOC-EXAMPLE-BUCKET/*"
            ]
        }
    ]
}
  • AWS-User-8719096
    9 months ago

    I've tried you way, but it's still same error, could you please screenshot your bucket, bucket policy, iam role and dataset of you case

0

a

a

a

a

profile picture
EXPERT
Riku_Kobayashi
answered 9 months ago
  • AWS-User-8719096
    9 months ago

    Hi @Riku_Kobayashi, thanks for your support, It seems like my aws account has got a problem, when i tried the same way in another aws account, it's works . Could not understand this situation. Anyway thank you so much

0

As @Riku_Kobayashi just answered, i've added AmazonS3FullAccess policy into IAM Role but still same error

I really don't know what happens

AWS-User-8719096
answered 9 months ago
0

As @Riku_Kobayashi just suggested loosening the settings in the S3 bucket policy but still same error

AWS-User-8719096
answered 9 months ago
0

I've tried you way, but it's still same error, could you please screenshot your bucket, bucket policy, iam role and dataset of you case

AWS-User-8719096
answered 9 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content