Step 1: Create a data analyst user

This user has the minimum set of permissions to query the data lake.

  1. Open the IAM console. Sign in as the administrator user that you created in Create an administrative user or as a user with the AdministratorAccess AWS managed policy.

  2. Create a user named datalake_user with the following settings:

    • Enable AWS Management Console access.

    • Set a password and do not require password reset.

    • Attach the AmazonAthenaFullAccess AWS managed policy.

    • Attach the following inline policy. Name the policy DatalakeUserBasic.

      {
          "Version": "2012-10-17",
          "Statement": [
              {
                  "Effect": "Allow",
                  "Action": [
                      "lakeformation:GetDataAccess",
                      "glue:GetTable",
                      "glue:GetTables",
                      "glue:SearchTables",
                      "glue:GetDatabase",
                      "glue:GetDatabases",
                      "glue:GetPartitions",
                      "lakeformation:GetResourceLFTags",
                      "lakeformation:ListLFTags",
                      "lakeformation:GetLFTag",
                      "lakeformation:SearchTablesByLFTags",
                      "lakeformation:SearchDatabasesByLFTags"
                  ],
                  "Resource": "*"
              }
          ]
      }
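
The DatalakeUserBasic policy above can be checked before it is attached. The following is an added example, not part of the original procedure or of any AWS tooling: it flags any allowed action that is a wildcard, belongs to a service other than Glue or Lake Formation, or does not start with a Get, List or Search verb. The allowed-service set, the verb list and the function names are assumptions of this example.

```python
import json

# DatalakeUserBasic, copied from the step above.
DATALAKE_USER_BASIC = json.loads("""
{"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Action": [
  "lakeformation:GetDataAccess", "glue:GetTable", "glue:GetTables",
  "glue:SearchTables", "glue:GetDatabase", "glue:GetDatabases",
  "glue:GetPartitions", "lakeformation:GetResourceLFTags",
  "lakeformation:ListLFTags", "lakeformation:GetLFTag",
  "lakeformation:SearchTablesByLFTags", "lakeformation:SearchDatabasesByLFTags"
], "Resource": "*"}]}
""")

# Assumptions of this example, not AWS definitions: the analyst needs only
# these two services, and only verbs that read or search.
ALLOWED_SERVICES = {"glue", "lakeformation"}
READ_VERBS = ("get", "list", "search")


def _as_list(value):
    """IAM accepts a single string or object where a list is expected."""
    return [value] if isinstance(value, (str, dict)) else list(value)


def audit_policy(policy):
    """Return findings for Allow statements; an empty list means none."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:
            findings.append(f"statement {i}: NotAction allows every unlisted action")
        for action in _as_list(stmt.get("Action", [])):
            service, _, name = action.partition(":")
            if "*" in action or "?" in action:
                findings.append(f"statement {i}: wildcard action {action}")
            elif service.lower() not in ALLOWED_SERVICES:
                findings.append(f"statement {i}: unexpected service in {action}")
            elif not name.lower().startswith(READ_VERBS):
                findings.append(f"statement {i}: non-read action {action}")
    return findings


if __name__ == "__main__":
    for finding in audit_policy(DATALAKE_USER_BASIC) or ["no findings"]:
        print(finding)
```

The check covers only the inline policy; the AmazonAthenaFullAccess managed policy attached in the same step is not evaluated by it.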