Setting up AWS Identity and Access Management (IAM) permissions - AWS Glue DataBrew

Setting up AWS Identity and Access Management (IAM) permissions

Before you get started, you need to set up a few things in IAM. You need to be an IAM administrator or have help from one. However, if you have an account with administrator access, you can do these tasks yourself. You can find simple instructions for each task in this section.

Following is an overview of what you need to do:

  • As part of this process, you add an IAM user. You don't have to add a new user, you can use an existing one. You attach DataBrew permissions so that the user can open the DataBrew console.

  • Create an IAM role. A role allows certain actions and gives permissions when it is used, within limits. For example, it only works for users in your AWS account. You can add more limitations later.

  • Create the IAM policy or policies that you need. A policy is a list of things that a user is allowed to do. To create a policy, you open another console page and paste in the text from a file you download.

Note

What we provide here is basic setup information. We recommend that you take time to customize your permissions so they meet your security and compliance needs. If you need help, contact your administrator or AWS Support.

To add the required permissions

  1. Create IAM policies to enable users to run DataBrew by doing the following:

    You need to be an IAM administrator to create IAM users, roles, and policies.

  2. Add users or groups for DataBrew. A user or group with the correct permissions attached can access the DataBrew console.

  3. Add a role with permissions to access data for DataBrew. A role with the correct permissions can access data on the user's behalf.