To extract metadata and to configure other capabilities that a catalog source might include, you need account access and permissions on the source system. The permissions required might vary depending on the capability.
Permissions to extract metadata
Ensure that you have the required permissions to enable metadata extraction.
Grant the following permissions:
•Read permission for the user account that you use to access the catalog source.
•Access permission. Required if the user account is different from the user account that you used to create the Amazon S3 catalog source.
Permissions to run data profiles
Ensure that you have the required permissions to run profiles.
Grant the following permissions:
•ListBucket. Required to view objects from Amazon S3 buckets.
•ListBucketMultipartUploads. Required to list multipart object uploads to Amazon S3 buckets that are in progress.
•GetObject. Required to read objects from Amazon S3 buckets.
•PutObject. Required to process staging data for Avro and Parquet files.
•DeleteObject. Required to delete staging data of Avro and Parquet files.
Permissions to run data classification
You don't need any additional permissions to run data classification.
Permissions to run relationship discovery
You don't need any additional permissions to run relationship discovery.
Permissions to run glossary association
You don't need any additional permissions to run glossary association.