AWS Redshift bulk operation snaps - cross-account IAM support

SnapLogic is running on an EC2 instance in AWS Account A.
Redshift is running in AWS Account B.

  1. The IAM role attached to the SnapLogic EC2 instance in AWS Account A allows all S3 actions on all S3 resources.

  2. The S3 bucket in AWS Account B has a bucket policy that allows the SnapLogic IAM role from Account A to read/write to it.

  3. The IAM role attached to Redshift in Account B allows S3 actions on the S3 bucket in AWS Account B.

  4. The S3 bucket in Account B has a bucket policy that allows the Redshift IAM role to read/write to it.

An ‘Access Denied, Status 403’ message is produced when using Redshift bulk operation snaps (e.g. Redshift Bulk Load).

The issue is that the temp/staging file that SnapLogic writes to S3 is owned by AWS Account A and there is no ACL on this file that allows Account B to access it.

I believe the Redshift bulk snaps need to be modified to allow an ACL to be specified, just like the S3 File Writer snap does.
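
A check for the ownership condition described above, as an added example that is not part of the original post or SnapLogic's code: it reads an object ACL in the shape returned by `aws s3api get-object-acl` and reports whether the bucket-owning account (Account B) can read a staging object written by Account A. The canonical IDs and both ACL documents are constructed placeholders, and only canonical-user grants are considered.

```python
import json

# Constructed canonical user IDs (placeholders, not real accounts).
ACCOUNT_A_ID = "aaaa-constructed-canonical-id-account-a"  # SnapLogic, object writer
ACCOUNT_B_ID = "bbbb-constructed-canonical-id-account-b"  # bucket owner, Redshift

# Constructed documents in the shape `aws s3api get-object-acl` returns.
# Staging file written with no ACL: only the writer (Account A) has a grant.
ACL_NO_GRANT = json.dumps({
    "Owner": {"ID": ACCOUNT_A_ID},
    "Grants": [{"Grantee": {"ID": ACCOUNT_A_ID, "Type": "CanonicalUser"},
                "Permission": "FULL_CONTROL"}],
})
# Same file written with the canned ACL bucket-owner-full-control.
ACL_BUCKET_OWNER_FULL_CONTROL = json.dumps({
    "Owner": {"ID": ACCOUNT_A_ID},
    "Grants": [
        {"Grantee": {"ID": ACCOUNT_A_ID, "Type": "CanonicalUser"},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"ID": ACCOUNT_B_ID, "Type": "CanonicalUser"},
         "Permission": "FULL_CONTROL"},
    ],
})

READ_PERMISSIONS = {"READ", "FULL_CONTROL"}


def diagnose(acl_json, bucket_owner_id):
    """Return (readable_by_bucket_owner_account, reason) for one object ACL."""
    acl = json.loads(acl_json)
    if acl.get("Owner", {}).get("ID") == bucket_owner_id:
        return True, "object owned by the bucket owner; its policies apply"
    # Object is owned by another account: the bucket policy does not cover
    # it, so the bucket owner needs an explicit grant in the object ACL.
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if (grantee.get("Type") == "CanonicalUser"
                and grantee.get("ID") == bucket_owner_id
                and grant.get("Permission") in READ_PERMISSIONS):
            return True, "ACL grants %s to the bucket owner" % grant["Permission"]
    return False, "foreign-owned object, no grant to bucket owner: expect 403"


if __name__ == "__main__":
    for name, acl in [("no ACL", ACL_NO_GRANT),
                      ("bucket-owner-full-control", ACL_BUCKET_OWNER_FULL_CONTROL)]:
        print(name, "->", diagnose(acl, ACCOUNT_B_ID))
```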