1 Answer
- Newest
- Most votes
- Most comments
0
You would have to attach a policy to the S3 bucket using the "put-bucket-policy".
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3api/put-bucket-policy.html
This is a template you can use that should allow Quicksight rights to S3:
{
“Version”: “2012-10-17”,
“Id”: “BucketPolicy”,
“Statement”: [
{
“Effect”: “Allow”,
“Principal”: {
“AWS”: “arn:aws:iam:::role/service-role/aws-quicksight-service-role-v0”
},
“Action”: [
“s3:ListBucket”,
“s3:GetObject”,
“s3:GetObjectVersion”
],
“Resource”: [
“arn:aws:s3:::bucket”,
“arn:aws:s3:::bucket/*”
]
}
]
}
answered 10 months ago
Relevant content
- asked 8 months ago
- asked 9 months ago
- asked 2 years ago
- AWS OFFICIALUpdated 18 days ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 9 months ago
Thanks, but unfortunately this is also not working. The problem is not that Quicksight has not the permission to access S3, the problem is how to tell Quicksight which IAM role it should use for that. If you create a new Quicksight subscription using the CreateAccountSubscription API (https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateAccountSubscription.html), it does not create any Quicksight roles, so that the aws-quicksight-service-role-v0 is not avaliable for the S3 bucket policy.