HI Team,
we have created new premium workspace with custom managed vpc, workspace deployed successfully in AWS. we are trying to create folder in dbfs, we are getting below error. we have compared cross account custom managed role (Customer-managed VPC with custom policy restrictions), but still we are getting "GetObjectMetadataRequest" forbidden. i am not seeing issue in terms of permissions, did anything had been updated from databricks metastore end .
Caused by: java.nio.file.AccessDeniedException: s3a://xxxxx/nvirginia-prod/xxxx.meta/mounts:
getFileStatus on s3a://xxxxx nvirginia-prod/xxxx.meta/mounts:
com.amazonaws.services.s3.model.AmazonS3Exception:
Forbidden; request: HEAD https://xxxx nvirginia-prod/xxxxx.meta/mounts {} Hadoop 2.7.7, aws-sdk-java/1.12.261 Linux/5.4.0-1096-aws OpenJDK_64-Bit_Server_VM/25.342-b07 java/1.8.0_342 scala/2.12.15 kotlin/1.6.21 vendor/Private_Build cfg/retry-mode/legacy com.amazonaws.services.s3.model.GetObjectMetadataRequest; Request ID: xxxx, Extended Request ID: xxxxx, Cloud Provider: AWS, Instance ID: i-xxxx
(Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: xxxxx; S3 Extended Request ID: xxxxx=; Proxy: null)
, S3 Extended Request ID: xxxxxxx=:403 Forbidden