Why do we get a 403 access denied error when we try to validate the Snowflake data pipe?

Question

We are creating a Snowflake data pipe in AWS using the Customer's AWS account. However, a validation issue prevents the Snowflake adapter from being enabled.

Caused by: com.amazonaws.services.securitytoken.model.AWSSecurityTokenServiceException: User: arn:aws:sts::<Reltio AWS Account>:assumed-role/dph-assumerole-dev-<tenant ID>/reltio-s3-session is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::<customer AWS Account>:role/<AWS IAM Role for S3 storage>/ (Service: AWSSecurityTokenService; Status Code: 403; Error Code: AccessDenied; Request ID: 53b7e2ee-f33d-4471-bad2-1f63bfc58f3c; Proxy: null)

Answer

Remove the conditions from the policy statement and simplify it to a plain allow of sts:AssumeRole on the customer's IAM role:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "VisualEditor0",
      "Effect": "Allow",
      "Action": "sts:AssumeRole",
      "Resource": "arn:aws:iam::<customer AWS account>:role/<Customer IAM Role for S3>"
    }
  ]
}
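
To see which part of a policy statement a denied request fails against, the following added example (not Reltio or AWS code) parses an AccessDenied message of the shape shown above and compares it with each Allow statement. The account IDs, role name and Condition block are constructed placeholders, fnmatch stands in for IAM's * and ? wildcards, and the constructed error keeps the trailing slash seen in the message above.

```python
import json
import re
from fnmatch import fnmatchcase

# Constructed sample in the shape of the error above; account IDs and names are placeholders.
SAMPLE_ERROR = (
    "User: arn:aws:sts::111111111111:assumed-role/dph-assumerole-dev-TENANT/reltio-s3-session "
    "is not authorized to perform: sts:AssumeRole on resource: "
    "arn:aws:iam::222222222222:role/customer-s3-role/ (Service: AWSSecurityTokenService; "
    "Status Code: 403; Error Code: AccessDenied)"
)
# Constructed policy: the statement from the answer plus a hypothetical Condition block.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{"Sid": "VisualEditor0", "Effect": "Allow", "Action": "sts:AssumeRole",
   "Resource": "arn:aws:iam::222222222222:role/customer-s3-role",
   "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}}]}
""")

DENIED = re.compile(r"User: (?P<principal>\S+) is not authorized to perform: "
                    r"(?P<action>\S+) on resource: (?P<resource>\S+)")

def parse_denied(message):
    """Extract the caller, action and target ARN from an STS AccessDenied message."""
    match = DENIED.search(message)
    if match is None:
        raise ValueError("not an 'is not authorized to perform' message")
    return match.groupdict()

def as_list(value):
    return value if isinstance(value, list) else [value]

def check(policy, message):
    """Compare the denied request with each Allow statement of the policy."""
    req, report = parse_denied(message), []
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        report.append({
            "sid": stmt.get("Sid"),
            # Action names are compared case-insensitively; resource ARNs as written.
            "action_ok": any(fnmatchcase(req["action"].lower(), a.lower())
                             for a in as_list(stmt.get("Action", []))),
            "resource_ok": any(fnmatchcase(req["resource"], r)
                               for r in as_list(stmt.get("Resource", []))),
            # Conditions cannot be evaluated offline; list their keys for manual review.
            "condition_keys": sorted(k for op in stmt.get("Condition", {}).values() for k in op),
        })
    return report

if __name__ == "__main__":
    for row in check(SAMPLE_POLICY, SAMPLE_ERROR):
        print(row)
```

A row with action_ok and resource_ok both true and an empty condition_keys list corresponds to the simplified statement in the answer.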

 
