- Newest
- Most votes
- Most comments
Hello,
Yes, you can query the database as an admin user instead of creating separate IAM users on the data consumer side. The 'no session credential found code:8001' error occurs because the admin user in the data consumer account does not have the necessary permissions to access the Redshift cluster.
To address this, you'll need to create a cross-account IAM role to facilitate access between the Federated Central Governance Account and the Data Consumer account. Detailed information about cross-account IAM roles can be found here.
In your Federated Central Governance Account, navigate to the AWS Lake Formation Console. From the left-hand column, select 'Data Lake Permissions', then click 'Grant'. Under IAM users and roles, choose the appropriate IAM role and select the desired permissions for the admin user from the data consumer account. To validate the permissions, proceed to 'Databases' from the left column, choose the relevant database, click 'Actions', and then 'Verify Permission' using the IAM role name.
To access the shared resources using the Data Consumer Account, assume the IAM role. Once assumed, you will have the permissions needed to view the shared resources.
Hope this helps!
Relevant content
- Accepted Answerasked a year ago
- asked 3 months ago
AWS OFFICIALUpdated 2 years ago- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
