0

I am getting this error when executing below query:

" ERROR: HTTP 403. Permission denied. Check bucket or provided credentials as they may no longer be valid."

SELECT aws_s3.table_import_from_s3(
   'test',
   'a,b,c,d,e',
   '(format csv)', 
   'my-bucket-info',
   'outer/inner/Inbound/sample.csv',
   'us-east-1'
);

Bucket policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::123213213:role/abc-www-role"
            },
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::my-bucket-info/*",
                "arn:aws:s3:::my-bucket-info"
            ]
        }
    ]
}

can anyone help?

Manish Nankar
  • 37
  • 1
  • 8

1 Answers1

0

Instead of using "s3:*" as action parameter use only * i.e.

  {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::123213213:role/abc-www-role"
            },
            "Action": "*",
            "Resource": [
                "arn:aws:s3:::my-bucket-info/*",
                "arn:aws:s3:::my-bucket-info"
            ]
        }
    ]
}
Naman
  • 296
  • 1
  • 10
  • Thanks Naman for the reply. Actually the problem was in role assignment. S3import feature was needed to added against IAM role. After doing that, it worked well. – Manish Nankar Jul 08 '21 at 13:52
  • @ManishNankar when are trying to access from s3 there is kind of a union of IAM permissions and S3 bucket polices so that's why I thought allowing everything might do the trick. Its good hear your issue got resolved. – Naman Jul 08 '21 at 15:14
  • Hi @Naman. I am getting another error now. Can you please check this thread. https://stackoverflow.com/questions/68303367/getting-invalid-byte-sequence-for-encoding-utf8-0x00-error-when-executing-a – Manish Nankar Jul 09 '21 at 04:45
  • @ManishNankar I have posted an answer there, see if it work for you. – Naman Jul 09 '21 at 05:16