AWS::LakeFormation Construct Library

This module is part of the AWS Cloud Development Kit project.

import aws_cdk.aws_lakeformation as lakeformation

There are no official hand-written (L2) constructs for this service yet. Here are some suggestions on how to proceed:

• Search Construct Hub for LakeFormation construct libraries

• Use the automatically generated L1 constructs, in the same way you would use the CloudFormation AWS::LakeFormation resources directly.

There are no hand-written (L2) constructs for this service yet. However, you can still use the automatically generated L1 constructs, and use this service exactly as you would using CloudFormation directly.

For more information on the resources and properties available for this service, see the CloudFormation documentation for AWS::LakeFormation.

(Read the CDK Contributing Guide and submit an RFC if you are interested in contributing to this construct library.)

Example

Here is an example of creating a glue table and putting lakeformation tags on it. Note: this example uses deprecated constructs and overly permissive IAM roles. This example is meant to give a general idea of using the L1s; it is not production level.

import aws_cdk as cdk
from aws_cdk.aws_glue_alpha import S3Table, Database, DataFormat, Schema
from aws_cdk.aws_lakeformation import CfnDataLakeSettings, CfnTag, CfnTagAssociation

# stack: cdk.Stack
# account_id: str


tag_key = "aws"
tag_values = ["dev"]

database = Database(self, "Database")

table = S3Table(self, "Table",
    database=database,
    columns=[Column(
        name="col1",
        type=Schema.STRING
    ), Column(
        name="col2",
        type=Schema.STRING
    )
    ],
    data_format=DataFormat.CSV
)

synthesizer = stack.synthesizer
CfnDataLakeSettings(self, "DataLakeSettings",
    admins=[CfnDataLakeSettings.DataLakePrincipalProperty(
        data_lake_principal_identifier=stack.format_arn(
            service="iam",
            resource="role",
            region="",
            account=account_id,
            resource_name="Admin"
        )
    ), CfnDataLakeSettings.DataLakePrincipalProperty(
        # The CDK cloudformation execution role.
        data_lake_principal_identifier=synthesizer.cloud_formation_execution_role_arn.replace("${AWS::Partition}", "aws")
    )
    ]
)

tag = CfnTag(self, "Tag",
    catalog_id=account_id,
    tag_key=tag_key,
    tag_values=tag_values
)

lf_tag_pair_property = CfnTagAssociation.LFTagPairProperty(
    catalog_id=account_id,
    tag_key=tag_key,
    tag_values=tag_values
)

tag_association = CfnTagAssociation(self, "TagAssociation",
    lf_tags=[lf_tag_pair_property],
    resource=CfnTagAssociation.ResourceProperty(
        table_with_columns=CfnTagAssociation.TableWithColumnsResourceProperty(
            database_name=database.database_name,
            column_names=["col1", "col2"],
            catalog_id=account_id,
            name=table.table_name
        )
    )
)

tag_association.node.add_dependency(tag)
tag_association.node.add_dependency(table)

Additionally, you may need to use the lakeformation console to give permissions, particularly to give the cdk-exec-role tagging permissions.