AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

Cannot Update Account Name Mapping or view any QS datasets for CID Dashboards due to DataLake Permissions

0

I was trying to update the CID Dashboards to display account names as per this doc(https://catalog.workshops.aws/awscid/en-US/dashboards/foundational/cudos-cid-kpi/add-accounts) . When I run the query I get this error... Failed Time in queue: 53 ms Run time: 884 ms Data scanned:

Insufficient Lake Formation permission(s): Required Alter on account_map (Service: AmazonDataCatalog; Status Code: 400; Error Code: AccessDeniedException; Request ID: 3b088179-ac9a-4a3e-a4a7-bfe07cf755fd; Proxy: null) This query ran against the "cid_cur" database, unless qualified by the query. Please post the error message on our forum or contact customer support with Query Id: 2d0fbce8-474c-4f7a-b202-946c135db68f

Also just trying to view the DataSets In QuickSight I get this error... You don’t have sufficient permissions to connect to this dataset or run this query. Contact your administrator for assistance. Error details region: us-east-1 timestamp: 1697652800230 requestId: dfbcb3ea-3dee-40ae-8e3c-795273b16011 sourceErrorCode: 100071 sourceErrorMessage: [Simba]AthenaJDBC An error has been thrown from the AWS Athena client. You are not authorized to perform: athena:ListDatabases on the resource. After your AWS administrator or you have updated your permissions, please try again. [Execution ID not available] sourceErrorState: HY000 sourceException: java.sql.SQLException sourceType: ATHENA

Why can't I update these items that I installed? I am running as Full Admin privs.

주제
분석
태그
아마존 Athena아마존 QuickSightAWS 레이크 포메이션
언어
English
Brian S
질문됨 8달 전400회 조회
1개 답변
0

Hello,

Looking at the error message, it seems there was a lack of permission.

Please refer the below mentioned documents [+] https://repost.aws/knowledge-center/quicksight-access-denied-athena-data [+] https://community.amazonquicksight.com/t/why-cant-i-edit-cid-datasets/20046

This error generally occurs when there are missing permissions in Lake Formation. If you are querying data with Amazon Athena, you can use AWS Lake Formation to simplify how you secure and connect to your data from Amazon QuickSight.

Please follow below steps to grant SELECT permissions on database ‘your_database_name’ and table ‘your_table_name’ to the Quicksight user/group:

  1. Sign in to the AWS Lake Formation console as the data lake administrator.
  2. Choose Database.
  3. Select 'Your_database_name'
  4. From the Actions drop-down menu, choose View permissions. You will see a list of principals with associated permissions for each resource type.
  5. Choose Grant.
  6. Select the drop down menu for ‘SAML users and groups’.
  7. Add Quicksight user arn.
  8. Select tables.
  9. For Table permissions, select SELECT.
  10. Choose Grant.
  11. Following the same steps, you will also need to do the same for the QuickSight service role "aws-quicksight-service-role-v0". Choose IAM users and roles for this.

After granting permissions, please check if you are able to list databases while creating Athena dataset.

Please raise a support case in case this issue persists.

AWS
지원 엔지니어
Dev_G
답변함 8달 전
profile picture
전문가
Giovanni Lauria
검토됨 2달 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠