Unable to export RDS snapshot to S3: The Principal export.rds.amazonaws.com isn’t allowed to assume the IAM role

Question 1

I have this error when I’m trying to upload an RDS snapshot to the S3 (in the same region), although I have the correct IAM role:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "",
      "Effect": "Allow",
      "Principal": {
        "Service": "export.rds.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

1

2

3

4

5

6

7

8

9

10

11

12

13

14

{

"Version": "2012-10-17",

"Statement": [

{

"Sid": "",

"Effect": "Allow",

"Principal": {

"Service": "export.rds.amazonaws.com"

},

"Action": "sts:AssumeRole"

}

]

}

Error message:

Your request to export snapshot to S3 has failed.
The Principal export.rds.amazonaws.com isn't allowed to assume the IAM 
role arn:aws:iam::030578524176:role/service-role/rds-export-role or 
the IAM role arn:aws:iam::030578524176:role/service-role/rds-export- 
role doesn't exist.

1

2

3

4

5

6

Your request to export snapshot to S3 has failed.

The Principal export.rds.amazonaws.com isn't allowed to assume the IAM

role arn:aws:iam::030578524176:role/service-role/rds-export-role or

the IAM role arn:aws:iam::030578524176:role/service-role/rds-export-

role doesn't exist.

Question 2

Hi please add below in trust relationship of IAM role which you are using

“Service”: “export.rds.amazonaws.com”

https://aws.amazon.com/premiumsupport/knowledge-center/rds-mysql-export-snapshot/

Unable to export RDS snapshot to S3: The Principal export.rds.amazonaws.com isn’t allowed to assume the IAM role

Question:

Answer:

Leave a Reply Cancel reply