RegisterResource - Lake Formation

RegisterResource

Registers the resource as managed by the Data Catalog.

To add or update data, AWS Lake Formation needs read/write access to the chosen Amazon S3 path. Choose a role that you know has permission to do this, or choose the AWSServiceRoleForLakeFormationDataAccess service-linked role. When you register the first Amazon S3 path, the service-linked role and a new inline policy are created on your behalf. Lake Formation adds the first path to the inline policy and attaches it to the service-linked role. When you register subsequent paths, Lake Formation adds the path to the existing policy.

The following request registers a new location and gives Lake Formation permission to use the service-linked role to access that location.

ResourceArn = arn:aws:s3:::my-bucket/ UseServiceLinkedRole = true

If UseServiceLinkedRole is not set to true, you must provide or set the RoleArn:

arn:aws:iam::12345:role/my-data-access-role

Request Syntax

{ "HybridAccessEnabled": boolean, "ResourceArn": "string", "RoleArn": "string", "UseServiceLinkedRole": boolean, "WithFederation": boolean }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

HybridAccessEnabled

Specifies whether the data access of tables pointing to the location can be managed by both Lake Formation permissions as well as Amazon S3 bucket policies.

Type: Boolean

Required: No

ResourceArn

The Amazon Resource Name (ARN) of the resource that you want to register.

Type: String

Required: Yes

RoleArn

The identifier for the role that registers the resource.

Type: String

Pattern: arn:aws:iam::[0-9]*:role/.*

Required: No

UseServiceLinkedRole

Designates an AWS Identity and Access Management (IAM) service-linked role by registering this role with the Data Catalog. A service-linked role is a unique type of IAM role that is linked directly to Lake Formation.

For more information, see Using Service-Linked Roles for Lake Formation.

Type: Boolean

Required: No

WithFederation

Whether or not the resource is a federated resource.

Type: Boolean

Required: No

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

Access to a resource was denied.

HTTP Status Code: 400

AlreadyExistsException

A resource to be created or added already exists.

HTTP Status Code: 400

EntityNotFoundException

A specified entity does not exist.

HTTP Status Code: 400

InternalServiceException

An internal service error occurred.

HTTP Status Code: 500

InvalidInputException

The input provided was not valid.

HTTP Status Code: 400

OperationTimeoutException

The operation timed out.

HTTP Status Code: 400

ResourceNumberLimitExceededException

A resource numerical limit was exceeded.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: