I am able to have cross-account access on a public S3 bucket bucketA . However, I need the Athena service and boto3 library to access the same S3 bucketA which is now a private resource.
How can it be done?
Regards, Aarushi
When Amazon Athena runs queries, it uses the current user's access permissions to access Amazon S3.
Therefore, if you want a particular user to run Athena queries against data in S3, simply make sure that this user has access to the relevant Amazon S3 buckets.
Let's say you have:
User-A
) in Account-A Bucket-B
) in Account-B User-A
to run Amazon Athen queries against data in Bucket-B
You should:
User-A
that permits them to access Bucket-B
(presumably s3:ListBucket
and s3:GetObject
, at a minimum)Bucket-B
that permits access by User-A
(this is required for cross-account access) -- the permissions should be the same as the IAM Policy (eg s3:ListBucket
and s3:GetObject
at a minimum) That should allow User-A
to run queries on data in Bucket-B
.
See the documentation: Cross-account Access in Athena to Amazon S3 Buckets - Amazon Athena
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.