We would like to grant Spark clusters, fired up from the self service analysis dashboard, read+list access to v4 telemetry submissions on top of its current access to telemetry-published-v2 bucket for v2 telemetry submission. Having access to both v2 and v4 submissions within the same Spark cluster is going to be useful to validate the new v4 data. The current role for Spark clusters, "telemetry-spark-emr", is defined in the old moz-svc-dev IAM.
Role ARN: arn:aws:iam::142069644989:role/pipeline-old-dev-iam-access-IamRole-VKIYZT5FHCN9 Instance Profile ARN: arn:aws:iam::142069644989:instance-profile/pipeline-old-dev-iam-access-IamInstanceProfile-UIBIRWX6SLKP I've updated the prod IAM permissions to allow read access from old dev, and copied the CFN defining an example IAM role to new dev. You should either be able to use the above instance profile or create your own.
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.