I'm trying to provide cross-account Glue access to Account B from Account A.
I'm first getting an error that says,
User {my_arn} is not authorized to perform: glue:GetDatabases on resource: {catalog}
I researched and found that I can grant Data Catalog permissions through Lake Formation. I selected "External accounts" and added the catalog resources along with table permissions. However, I get another error that says:
You don't have IAM permissions to make cross-account grants.
The required permissions are in the AWS managed policy AWSLakeFormationCrossAccountManager.
So I go to the IAM Management Console, find the policy specified in this error message, and attach it to the role I'm using (the one in the top right corner of the AWS Management Console).
But the same error message keeps popping up and this doesn't seem to have solved the issue.
What am I doing wrong here? How can I bypass this issue?
