I need some help accessing the lake formation database resource link in QuickSight.
Here's the scenario,
In My Source Account (Account A), I have databases and tables in the lake formation data catalog. The S3 bucket, where all findings are stored from security hub, is also in Account A. I have shared these resources with my another AWS account which is Target Account(Account B). In Account B, I created a database resource link, and I can access the database and tables in Athena and query them. However, I am not seeing my database and tables in QuickSight Dataset. I also followed the steps in below link provided by QuickSight Experts but still not working.
I have also asked the same question to aws re:post. https://repost.aws/questions/QUJRD6TuH5RJOt1RSNWMqMJQ#AN7WcMKkvLRPOOyeSvBiCMJQ
If anyone has encountered the same issue or any idea, please share with me and help me to figure out this. Thank you.
Things i've tried,
- I tried creating data source again in QuickSight, didn't work.
- In QuickSight security & permissions, I have granted S3 and Athena services and selected data source (bucket) as an [S3 bucket you can access across AWS].I have checked the QuickSight Role which is "aws-quicksight-service-role-v0" and it has necessary S3 bucket permissions such as
s3:GetObject,s3:ListBucketpermissions. - My target account is using OrganizationAccountAccessRole with a full admin access, and i have given the permission to access the lake formation to it (AWSLakeFormationDataAdmin). I have also given it AthenaFullAccess.
- In database resource link of Target Account, I granted permission to QuickSight ARN but when i select the database link and view permission, the grant is not sticking and it's empty. However permission are showing in Data lake permission pane.