Adding an IAM policy for a console user

Setting up permissions for a user for the AWS Management Console is optional, but if you require console access, take this step first.

To set up permissions to reach DataBrew on the console, choose one of the following:

Use the policy that's managed by AWS: AwsGlueDataBrewFullAccessPolicy. If you choose this option, skip to the next policy, Adding permissions for data resources for an IAM role.
Create the policy described in this section, AwsGlueDataBrewCustomUserPolicy. This option enables you to customize the policy with additional custom security requirements.

The following policy grants the permissions needed to run the DataBrew console. You provide those permissions by using IAM.

Download the JSON for the AwsGlueDataBrewCustomUserPolicy IAM policy.
Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.
In the navigation pane, choose Policies.
For each policy, choose Create Policy.
On the Create Policy screen, navigate to the JSON tab.
Copy the policy JSON statement that you downloaded. Paste it over the sample statement in the editor.
Verify that the policy is customized to your account, security requirements, and required AWS resources. If you need to make changes, you can make them in the editor.
Choose Review policy.

Run the following command to create the policy.


aws iam create-policy --policy-name AwsGlueDataBrewCustomUserPolicy --policy-document file://iam-policy-AwsGlueDataBrewCustomUserPolicy.json

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Setting up IAM policies for DataBrew

Adding permissions for DataBrew data resources