I am getting this message when I try to create a crawler on AWS Glue:
{"service":"AWSGlue","statusCode":400,"errorCode":"AccessDeniedException","requestId":"RequestIDNumber","errorMessage":"Account <AccountID> is denied access.","type":"AwsServiceError"}
already attached all those policies below to the IAM
Already setup permissions to the AWS lake formation for the role too
Already created a custom policy kms to it too
And I am stucked, I cannot create a crawler!
I am in the root account, actually there`s no other account just the root, It’s a super new account I created in AWS so I don’t know what to do to be able to create this simple crawler
My ideia its to use it with dynamodb as data source
The message says there is something wrong with my account permission not with a role
Someone has an idea?
Thank you so much
2
Answers
I propose to try using a separate user and attaching the policy you created to it.
Not sure the reason, but loads of people have been having this issue. You can submit a ticket through AWS account support. I actually submitted two, including one through the unpaid support version and one through my paid account. They answered both tickets.
Basically, just tell them you need access to Glue and they should alter whatever it is to give you access. Sorry it’s not a better answer, but I found no other useful information anywhere.