Create IAM Role

Create IAM role Data Lake

We will create Iam role for services( Glue, QuickSight,etc.) need access data in S3, perform its action.

1. Go to IAM Role in AWS Console.

2. Click Create role.

   

3. Click Custom trust policy.

4. Trust QuickSight, Glue

   {
       "Version": "2012-10-17",
       "Statement": [
           {
               "Effect": "Allow",
               "Principal": {
                   "Service": "quicksight.amazonaws.com"
               },
               "Action": "sts:AssumeRole"
           },
           {
               "Effect": "Allow",
               "Principal": {
                   "Service": "glue.amazonaws.com"
               },
               "Action": "sts:AssumeRole"
           }
       ]
   }
   

   

5. Click next.

6. Add permission (like AdministratorAccess)

7. Click next until Review page.

   

8. Click Create role.

Create IAM role for CloudFormation

We will create Iam role for CloudFormation to create resource

1. Go to IAM Role in AWS Console.

2. Click Create role.

   

3. In AWS Service choose CloudFormation.

4. Click next.

5. Add permission (like AdministratorAccess)

6. Click next until Review page.

7. Click Create role.