All S3 bucket objects are private by default. Only bucket owner can access the objects. You have to create IAM policy with appropriate permissions for any user who wants to access any specific bucket and its object with out making them public. On the other hand you can as well create a presigned URL uisng which user can access the object without requiring AWS credentials or IAM policy permissions.
You can read more about what are Presigned URLs.
Two steps required to access AWS S3 object in PowerBI-
- Generate a Pre-signed URL for AWS S3 object
- Access this object in PowerBI using Web option.
Generate Pre-singed URL-
>>Install AWS client.
>>Open command prompt (as administrator) and run command to configure aws-
C:\>aws configure [Note: you have to provide the AWS user Access Key, Secret Access Key, Region and the output format]
>>Now run command similar to the below one to generate the Pre-signed URL-
C:\> aws presign s3://sharepresignedurl/test.csv –expires-in 100 [Note: “sharepresignedurl” is the bucket and “test.csv” is the object we are going to access, the access will last for 100 seconds as mentioned in expires-in parameter, you can increase the time as per your requirement]
In case the object is within a folder (say, “newfolder“) in the bucket, then the url will be as shown below
C:\> aws presign s3://sharepresignedurl/newfolder/test.csv –expires-in 100
>>Now Pre-signed URL is available, Open PowerBI desktop and click on “Get Data” option
>>Select “other” and then “Web” on the pop-up and the click Connect
>>On new pop-up, enter the Pre-signed URL and click OK.
>>Click on Connect on new screen-
>>It will open the object data and show in the screen as below, click “Load” to load the data
>>This way the access to S3 object can be given to someone for predefined time period using the Pre-signed URL.