RegisterResource
Registers the resource as managed by the Data Catalog.
To add or update data, AWS Lake Formation needs read/write access to the chosen Amazon S3 path. Choose a role that you know has permission to do this, or choose the AWSServiceRoleForLakeFormationDataAccess service-linked role. When you register the first Amazon S3 path, the service-linked role and a new inline policy are created on your behalf. Lake Formation adds the first path to the inline policy and attaches it to the service-linked role. When you register subsequent paths, Lake Formation adds the path to the existing policy.
The following request registers a new location and gives Lake Formation permission to use the service-linked role to access that location.
ResourceArn = arn:aws:s3:::my-bucket/
UseServiceLinkedRole = true
If UseServiceLinkedRole
is not set to true, you must provide or set the RoleArn
:
arn:aws:iam::12345:role/my-data-access-role
Request Syntax
{
"HybridAccessEnabled": boolean
,
"ResourceArn": "string
",
"RoleArn": "string
",
"UseServiceLinkedRole": boolean
,
"WithFederation": boolean
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- HybridAccessEnabled
-
Specifies whether the data access of tables pointing to the location can be managed by both Lake Formation permissions as well as Amazon S3 bucket policies.
Type: Boolean
Required: No
- ResourceArn
-
The Amazon Resource Name (ARN) of the resource that you want to register.
Type: String
Required: Yes
- RoleArn
-
The identifier for the role that registers the resource.
Type: String
Pattern:
arn:aws:iam::[0-9]*:role/.*
Required: No
- UseServiceLinkedRole
-
Designates an AWS Identity and Access Management (IAM) service-linked role by registering this role with the Data Catalog. A service-linked role is a unique type of IAM role that is linked directly to Lake Formation.
For more information, see Using Service-Linked Roles for Lake Formation.
Type: Boolean
Required: No
- WithFederation
-
Whether or not the resource is a federated resource.
Type: Boolean
Required: No
Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
Access to a resource was denied.
HTTP Status Code: 400
- AlreadyExistsException
-
A resource to be created or added already exists.
HTTP Status Code: 400
- EntityNotFoundException
-
A specified entity does not exist.
HTTP Status Code: 400
- InternalServiceException
-
An internal service error occurred.
HTTP Status Code: 500
- InvalidInputException
-
The input provided was not valid.
HTTP Status Code: 400
- OperationTimeoutException
-
The operation timed out.
HTTP Status Code: 400
- ResourceNumberLimitExceededException
-
A resource numerical limit was exceeded.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: