Creating Role ARN for Amazon Kinesis Data Firehose to Amazon S3 Integration

Streamlining Data Transfer from Amazon Kinesis Data Firehose to Amazon S3 with a Step-by-Step Role ARN Creation Process

Navigate to the Identity and Access Management (IAM) server, select "Roles," and proceed to create a new role.

Select the AWS service, choose S3 as the service, specify the S3 use case for the selected service, and proceed by clicking on "Next.


Scroll down and continue the process by clicking on "Next.

 

Provide a name and description for the role as required.

Complete the role creation process by scrolling down and clicking on the "Create role" button.

Search for the role you just created, then select the role by clicking on it


Navigate to the "Permissions policies" section, click on "Add permissions," and then select "Create Inline Policy."

 


When specifying the permissions, choose the type as JSON, and clear any pre-existing JSON script in the editor.

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:*",
"s3-object-lambda:*"
],
"Resource": "*"
},
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "iam:PassRole",
"Resource": "arn:aws:iam::YOUR_AWS_ACC_ID:role/*"
}
]
}


Copy the provided code Above, paste it into the Policy Editor window, add your AWS account ID as shown in the accompanying image, then scroll down and click on "Create Policy."


Provide a name for the policy and proceed by clicking on "Create Policy."


Navigate to Identity and Access Management (IAM), select "Roles," and search for the role recently created. Click on the identified role.

'

Choose "Trust relationships" and proceed by clicking on "Edit trust policy."

 

In the Policy Editor window, copy and paste the provided code.

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "firehose.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}

After pasting the code, finalize the process by clicking on "Update Policy.

 

After successfully adding the Trust policy, copy the ARN (Amazon Resource Name).

 

Proceed to the Admin Dashboard, then navigate to "Settings" and select "Custom Email Domain."

 

Paste the copied ARN value from AWS into the "Role ARN (Firehose to S3)" field and save the changes by clicking on "Save.