I'm trying to use AWS lake formation to perform grants and revokes of permissions for AWS IAM groups, via console I can normally, but via Boto3 or AWS CLI I get an error stating that IAM groups are not accepted in these actions.
How to grant or revoke lake formation by boto3 for IAM groups?
232 views Asked by Caio Ferreira At
1
There are 1 answers
Related Questions in AMAZON-WEB-SERVICES
- S3 integration testing
- How to get content of BLOCK types LAYOUT_TITLE, LAYOUT_SECTION_HEADER and LAYOUT_xx in Textract
- Error **net::ERR_CONNECTION_RESET** error while uploading files to AWS S3 using multipart upload and Pre-Signed URL
- Failed to connect to your instance after deploying mern app on aws ec2 instance when i try to access frontend
- AWS - Tab Schema Conversion don't show up after creating a Migration Project
- Unable to run Bash Script using AWS Custom Lambda Runtime
- Using Amazon managed Prometheus to get EC2 metrics data in Grafana
- AWS Dns record A not navigate to elb
- Connection timed out error with smtp.gmail.com
- AWS Cognito Multi-tenant Integration | Ok to use Client’s Idp?
- Elasticbeanstalk FastAPI application is intermittently not responding to https requests
- Call an External API from AWS Lambda
- Why my mail service api spring isnt working?
- export 'AWSIoTProvider' (imported as 'AWSIoTProvider') was not found in '@aws-amplify/pubsub'
- How to take first x seconds of Audio from a wav file read from AWS S3 as binary stream using Python?
Related Questions in BOTO3
- Problem with add new attribute in table with BOTO3 on python
- Python reading jpg file from s3 unidentified image error
- getting ids from nested bucket structure in s3
- AWS s3 boto3: Error when generating presigned URL The authorization mechanism you have provided is not supported
- bot3 ecs.execute_command: Task Identifier is invalid
- How to use Python's S3FS to delete a file that contains dashes and brackets in the filename?
- How can I set the log_stream_prefix to get the cloudwatch data from lambda
- AWS DynamoDB retrieve items in descending order
- Optimizing Async Batch Processing for AWS CloudWatch Log Downloads Using aioboto3 in Python
- Update session credentials on boto3 client rather than recreating the client
- Type error using combination of mypy and boto3 stubs
- Runtime.ImportModuleError unable to import module cannot import module name "DEPRECETED_SERVICE_NAMES" from botocore.docs
- Recursion Error when s3 client is initialized within Inference script for my SageMaker Endpoint
- Boto3 download all files in a subdirectory
- Why am I getting an error when deploying a model from my S3 bucket to Sagemaker?
Related Questions in AMAZON-IAM
- Bucket policy to block all access except for a list of users with varying access restrictions
- AWS insert lambda function values into DynamoDB
- How to run a sagemaker training job with lambda function
- Glue Notebook not starting: Failed to start notebook
- AWS IAM Policy with s3:PutObject Fails for Specific Bucket in Policy Simulator
- Is it possible to create a IAM policy to restrict access to SSM parameter store
- Not able to call sendTaskSuccess from lamda function
- AWS CDK use `dependsOn` across different .yaml templates
- Finding the most secure way to change IAM user passwords with AWSPowerShell
- AWS Policy statement: Unknown Error: An unexpected error occurred - Invalid principal in policy
- AWS amplify assume role in different AWS account
- IAM Policy to allow update on a deeply nested attribute in DynamoDB
- Deny DynamoDB Access if IP address not on allow list
- InvalidAccessKey when using configure-aws-credentials and jakejarvis/s3-sync-action (GitHub Actions)
- AWS retrieve credentials GitLab CI/CD
Related Questions in AWS-CLI
- How can I get the aws profile id from the aws configure sso command
- AWS Java SDK error: Unable to load credentials from any of the providers
- AWS sts error: The security token included in the request is expired
- macOS: aws cli Could not find executable named "groff"
- Add Cognito to Load Balancer Listener via AWS CLI
- Cognito user pool creation with MFA (TOTP) required via CLI
- Set password policy for AWS Cognito with AWS CLI
- Install AWS cli on lambda function with custom runtime
- Pipe aws output to jq will not result in array
- deleting all old ecr images for a particular branch
- How to retrieve details of a specific schedule using AWS CLI?
- How does one use Docker DIND and AWS CLI together as a service
- aws s3 cp emr stdout.gz file as txt encoding issue
- EC2 cannot access S3 in the same account with proper IAM role
- Pip dependeny issue while tring to host with AWS beanstalk
Related Questions in AWS-LAKE-FORMATION
- Cross Account Access in Lakeformation is not working
- Lake Formation sharing with external account - error when querying with athena in target account
- Lake Formation Cross-Account Share, Issues seeing database in external account
- Lakeformation - Cross account access
- Quicksight unable to see glue catalog tables via Athena
- Lake formation Database resource link is not showing in QuickSight
- "Failed to meet resource limits for operation' getting this error while creating blueprint in aws lake formation
- How to grant or revoke lake formation by boto3 for IAM groups?
- How to assign data filter in lake formation to an iam user using cloudformation template
- AWS Lake formation Granting Permission to Linked Resource
- LakeFormation: Insufficient Lake Formation permission(s) on on resource to Tag or Untag
- Terraform init seems to work but nothing happens in AWS
- Conditional statement for select correct environment permissions terraform
- Multiple for_each loops in a single terraform resource
- Looping through iam user arn's to pass to aws_lakeformation_permissions
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Popular Tags
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
You can't. Groups aren't principals and can't be granted permissions using resource-based permission policies. If your Group and your LakeFormation stuff are in the same account, you should attach your LakeFormation permissions to the Group rather than using a resource-based permission policy. If they are in different accounts, allow the Group members to assume a Role from the LakeFormation account and give permissions to that.