Please take this survey to help us learn more about how you use third party tools. Your input is greatly appreciated!

Is it possible to access AWS S3 on different AWS account with IAM roles on Vertica machine?

Hi,
We have been using Vertica 9.3 version hosted on AWS EC2 instances on our AWS account A and were able to access S3 bucket on another AWS account B with Bucket policy on that S3 bucket with Principal Role which is assigned to EC2 instances where Vertica is deployed on AWS account A.
AWS account A AWS account B
Vertica 9.3 on EC2 instance with AWS Vertica-role S3 bucket policy Principal Vertica-role

After upgrading to Vertica version 11 we are not able to reach AWS account B S3 bucket with the same setup.
We are told to use ALTER SESSION SET AWSAuth.
For that on AWS account B on S3 bucket we need to have Principal AWS user (instead of a role) and in our SQL queries we need to hardcode accesskey and secretaccesskey of that new AWS user.

ALTER SESSION SET AWSAuth='XXXXXX:XXXXXXXXXXXXXXX';

Vertica documentation says we should use AWS IAM roles to access AWS resources, but we are not able to.

Please tell me there is a way and that I am missing something.

Thank you

Answers

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file

Can't find what you're looking for? Search the Vertica Documentation, Knowledge Base, or Blog for more information.