Creating an IAM User to Enable Access to Your Data
Create an IAM user in the AWS Console and generate an access key as part of either of these tasks:
- Configuring compute settings when you are connecting your AWS account to Dremio Cloud manually during the sign-up process for Dremio Cloud
- Adding a cloud to a project
Before following these steps, ensure that you have copied Dremio Cloud's policy JSON for compute settings from either of the locations listed above.
To create an IAM user for enabling Dremio Cloud to access compute resources in your AWS cloud:
In the AWS Console, navigate to the IAM service.
Navigate to Users through the navigation panel and click Add User.
Enter a User name (for example dremio-data-iamuser).
For Access Type, select Programmatic access. This will allow the user to have access to data in Dremio Cloud via AWS API.
Click the Next: Permissions button.
Select the option to Attach existing policies directly and click Create Policy.
Paste the JSON policy that you copied before starting this procedure into the JSON tab in the AWS Console. Replace
BUCKET-NAMEwith the name of your S3 bucket.
Click Next: Tags.
(Optional) In the Add tags page, you can add tags as key-value pairs to AWS resources for helping identify, organize, or search for AWS resources. Click Add tag. Enter a key and a corresponding value. You can add up to 50 tags.
Click Next: Review.
On the Review Policy page,for Name, enter a name (for example dremio-dataaccess-policy).
(Optional) For Description, enter the description for the policy that is being created.
The Summary section shows the properties of the policy that is being created. This section shows whether or not the actions defined by the policy that is being created have an applicable resource or condition. Ensure that to grant access, policies must have an action that has an applicable resource or condition.
Click Create Policy. This will create your policy and take you back to the Add User flow.
Search for the policy that you created and attach it to the IAM User by checking the box.
Click Next: Tags. (Optional) Add key-value pair tags to add metadata to the user.
Click Next: Review. Verify that you have set the access type to programmatic access and the correct policy is attached.
Click Create user. Your IAM user has successfully been created.
Click the Download.csv button to download the Access key ID and Secret Access Key.