Aurora-加密存储桶时从s3加载数据

Question

我正在尝试将存储在加密的S3存储桶中的CSV文件中的数据加载到Aurora表中。

LOAD DATA FROM S3 's3-eu-west-1://my.bucket/payout/export_payout.csv'
INTO TABLE payout
FIELDS TERMINATED BY ','
ENCLOSED BY '"'
LINES TERMINATED BY '\r\n'
(payment_block_key,doc_date, item_text, currency, @days_in_arrears)
SET
days_in_arrears = NULLIF(@days_in_arrears, '');

如果运行此查询，则会出现以下错误：

S3 API returned error: Access Denied:Access Denied

我如何指定用于将文件下载到Aurora的KMS密钥？

Answer 1

Aurora使用IAM角色从Amazon S3访问数据。您将需要授予该角色访问S3存储桶的权限，还需要授予使用KMS相关密钥的权限。

请参阅：

• Creating an IAM Policy to Access Amazon S3 Resources - Amazon Aurora

• Creating an IAM Role to Allow Amazon Aurora to Access AWS Services - Amazon Aurora