Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Amazon AWS: DataPipelineDefaultRole/EDPSession not authorized to perform iam:ListRolePolicies

Tags:

amazon-web-services

amazon-s3

amazon-iam

amazon-rds

amazon-data-pipeline

I have been assigned an IAM role in AWS by my manager and I am trying to setup an Amazon Data Pipeline. I am repeatedly facing permission issues and authorization issues like the following when trying to activate the PipeLine.

WARNING: Error occured while validating role 'DataPipelineDefaultRole'. Error: Status Code: 403, AWS Service: AmazonIdentityManagement, AWS Request ID: fbf1935a-bcf1-11e3-82d4-cd47aac2f228, AWS Error Code: AccessDenied, AWS Error Message: User: arn:aws:sts::723751385540:assumed-role/DataPipelineDefaultRole/EDPSession is not authorized to perform: iam:ListRolePolicies on resource: role DataPipelineDefaultRole

There are no errors... only warnings like the one above.

My CTO has assigned me with Super Administrator Role in the AWS access manager. Yet i am not able to do it. Been at least 2 weeks that we are going around this thing. He has granted all super admin permissions and privileges to my IAM.

p.s. i followed the documentation of "Export RDS data to S3 via CopyActivity using the AWS Data Pipeline console" tutorial from http://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-copydata-mysql-console.html

like image 966
Rakib Avatar asked Sep 11 '25 23:09

Rakib

1 Answers

I had the same error and could find a solution in the following AWS documentation link: http://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-iam-roles.html

I quote the text that solved the issue:

Update Existing IAM Roles for AWS Data Pipeline

Use the following procedure to update the DataPipelineDefaultRole and DataPipelineDefaultResourceRole roles.

To update your existing IAM roles using managed policies

Open the Identity and Access Management console at https://console.aws.amazon.com/iam/

Update the DataPipelineDefaultRole role as follows:

  1. In the navigation pane, click Roles, and then click the row for the DataPipelineDefaultRole role.
  2. Under Permissions, click Attach Policy.
  3. On the Attach Policy page, click the box next to the AWSDataPipelineRole policy, and then click Attach Policy.

Update the DataPipelineDefaultResourceRole role as follows:

  1. In the navigation pane, click Roles, and then click the row for the DataPipelineDefaultResourceRole role
  2. Under Permissions, click Attach Policy.
  3. On the Attach Policy page, click the box next to the AmazonEC2RoleForDataPipelineRole policy, and then click Attach Policy.

I hope this helps!

like image 155
Erizo Avatar answered Sep 13 '25 19:09

Erizo
Sign in to Comment

Related questions

AWS Sagemaker PermissionError when starting training job?
Iam user not authorized to perform: firehose:CreateDeliveryStream on resource xxxx with an explicit deny
AWS ElastiCache for Redis Cluster vs Replication group
Apply same Lifecycle rule to multiple buckets
Difference between aws_iam_policy and aws_iam_role_policy
ModuleNotFoundError: No module named 'imp'
Does the length of dynamoDB field name matter in terms of pricing
AWS Load Balancer, serving static site and an api
Using fn::split in Serverless yaml configuration not working
<AWS VPC> Unable to ping private subnet instance from a public subnet instance

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!