AWS Glue gives AccessDeniedException

Question

When I'm trying to create Glue Crawler, I get this error, even though I have full administration access on IAM

{"service":"AWSGlue","statusCode":400,"errorCode":"AccessDeniedException","requestId":"c1a564e7-d012-4e96-946f-a32be287e8ba","errorMessage":"Account 1234567890 is denied access.","type":"AwsServiceError"}

Do you have any 'permissions boundaries' configured for your user in IAM? https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html Similar issue https://stackoverflow.com/questions/73202225/access-denied-when-create-aws-glue-crawler — Oleksandr Lykhonosov, Aug 07 '22 at 12:43

score 2 · Accepted Answer · answered Aug 08 '22 at 20:15

2

Open IAM

Policy Name: GlueActions (Type :Customer Inline)[ --- "Statement":[

  "Resource":
             ...
             "arn:aws:glue:*xxx:catalog"
             ...
             ],
            "Effect":"Allow"
                ]

Ensure the above "catalog" is present else create the whole Customer Inline JSON

answered Aug 08 '22 at 20:15

Raghavendran Ravichandran

51
5

you can also get the whol json auto populated. – Raghavendran Ravichandran Aug 08 '22 at 20:16
also ensure that other relevant AWS Glue permissions are enabled – Raghavendran Ravichandran Aug 08 '22 at 20:16

AWS Glue gives AccessDeniedException

1 Answers1

Linked