En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Cannot Update Account Name Mapping or view any QS datasets for CID Dashboards due to DataLake Permissions

0

I was trying to update the CID Dashboards to display account names as per this doc(https://catalog.workshops.aws/awscid/en-US/dashboards/foundational/cudos-cid-kpi/add-accounts) . When I run the query I get this error... Failed Time in queue: 53 ms Run time: 884 ms Data scanned:

Insufficient Lake Formation permission(s): Required Alter on account_map (Service: AmazonDataCatalog; Status Code: 400; Error Code: AccessDeniedException; Request ID: 3b088179-ac9a-4a3e-a4a7-bfe07cf755fd; Proxy: null) This query ran against the "cid_cur" database, unless qualified by the query. Please post the error message on our forum or contact customer support with Query Id: 2d0fbce8-474c-4f7a-b202-946c135db68f

Also just trying to view the DataSets In QuickSight I get this error... You don’t have sufficient permissions to connect to this dataset or run this query. Contact your administrator for assistance. Error details region: us-east-1 timestamp: 1697652800230 requestId: dfbcb3ea-3dee-40ae-8e3c-795273b16011 sourceErrorCode: 100071 sourceErrorMessage: [Simba]AthenaJDBC An error has been thrown from the AWS Athena client. You are not authorized to perform: athena:ListDatabases on the resource. After your AWS administrator or you have updated your permissions, please try again. [Execution ID not available] sourceErrorState: HY000 sourceException: java.sql.SQLException sourceType: ATHENA

Why can't I update these items that I installed? I am running as Full Admin privs.

Sujets
Analytique
Balises
Amazon AthenaAmazon QuickSightFormation de lac AWS
Langue
English
Brian S
demandé il y a 7 mois377 vues
1 réponse
0

Hello,

Looking at the error message, it seems there was a lack of permission.

Please refer the below mentioned documents [+] https://repost.aws/knowledge-center/quicksight-access-denied-athena-data [+] https://community.amazonquicksight.com/t/why-cant-i-edit-cid-datasets/20046

This error generally occurs when there are missing permissions in Lake Formation. If you are querying data with Amazon Athena, you can use AWS Lake Formation to simplify how you secure and connect to your data from Amazon QuickSight.

Please follow below steps to grant SELECT permissions on database ‘your_database_name’ and table ‘your_table_name’ to the Quicksight user/group:

  1. Sign in to the AWS Lake Formation console as the data lake administrator.
  2. Choose Database.
  3. Select 'Your_database_name'
  4. From the Actions drop-down menu, choose View permissions. You will see a list of principals with associated permissions for each resource type.
  5. Choose Grant.
  6. Select the drop down menu for ‘SAML users and groups’.
  7. Add Quicksight user arn.
  8. Select tables.
  9. For Table permissions, select SELECT.
  10. Choose Grant.
  11. Following the same steps, you will also need to do the same for the QuickSight service role "aws-quicksight-service-role-v0". Choose IAM users and roles for this.

After granting permissions, please check if you are able to list databases while creating Athena dataset.

Please raise a support case in case this issue persists.

AWS
INGÉNIEUR EN ASSISTANCE TECHNIQUE
Dev_G
répondu il y a 7 mois
profile picture
EXPERT
Giovanni Lauria
vérifié il y a 2 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents