Amazon Authenticator Node IAM Permission for

Dear community,

does anyone know what kind of IAM permissions Amazon Authentication needs to be able to connect to s3? What exact checks does it perform against AWS to be able to access s3?

I tried to use the credentials that only grant access to the s3 and the connection failed. If we use credential with full account access - then it seems to work. What additional IAM permissions do we need?

image

@Sumia,

Thanks for reaching out. As far as using AWS credentials we recommend using access key ID and secret key. These directions can be found here:

If you are still wanting to look into using IAM Roles, the documentation can be found here:

Regards,
Ryan

2 Likes

Thank you for your response. To be more prcise - I have tried to connect via key ID and secret key and unfortunately this did not work, permission was denied even though the IAM user has access to the bucket. Therefore, I am trying to understand what the Knime Connector exactly does when trying to connect to AWS?

Hi @Sumia ,

Knime does not “check” anything. Knime is just the “transporter”. AWS is doing the check. AWS is who allows or denies the access.

Clearly it’s a permission issue. This needs to be fixed on the AWS side. Have you tried accessing the s3 bucket with the credentials that only grant access to the s3 other than with Knime?

Hi Bruno,

yes, I tested both - so from anywhere alse I can connect to AWS with the credentials and interact with the s3 content (list, download, upload …). However, I have tried this multiple times with Knime and the same credentials throw me a permission denied error.

Have you tried other credentials? What kind of KNIME version? Any restrictions if it’s work related?

Hi @Sumia ,

Have you tried it from the same station where you are running Knime from? This is just in case the network of that station is not whitelisted.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.