Step 7: Grant data permissions - AWS Lake Formation

Step 7: Grant data permissions

You must grant permissions to create metadata tables in the Data Catalog. Because the workflow will run with the role LakeFormationWorkflowRole, you must grant these permissions to the role.

  1. In the Lake Formation console, in the navigation pane, under Data catalog, choose Databases.

  2. Choose the lakeformation_cloudtrail database, then, from the Actions drop-down list, choose Grant under the heading Permissions.

  3. In the Grant data permissions dialog box, make these selections:

    1. Under Principals, for IAM user and roles, choose LakeFormationWorkflowRole.

    2. Under LF-Tags or catalog resources, choose Named data catalog resources.

    3. For Databases, you should see that the lakeformation_cloudtrail database is already added.

    4. Under Database permissions, select Create table, Alter, and Drop, and clear Super if it is selected.

    Your Grant data permissions dialog box should now show the selections described above. The dialog box is divided into 3 sections, arranged vertically: Principals, LF-Tags or catalog resources, and Database permissions.

  4. Choose Grant.

For more information about granting Lake Formation permissions, see Managing Lake Formation permissions.
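To confirm the grant from this step outside the console, the following added example (not part of the AWS documentation) builds the equivalent GrantPermissions request and audits entries shaped like a ListPermissions response. It assumes the API names `CREATE_TABLE`, `ALTER`, `DROP`, and `ALL` (shown as Super in the console); the account ID, the second role, and the sample entries are constructed placeholders.

```python
DATABASE = "lakeformation_cloudtrail"
EXPECTED = {"CREATE_TABLE", "ALTER", "DROP"}  # API names for Create table, Alter, Drop
ROLE_ARN = "arn:aws:iam::111122223333:role/LakeFormationWorkflowRole"  # placeholder account


def grant_request(role_arn=ROLE_ARN, database=DATABASE):
    """Keyword arguments for GrantPermissions, e.g. boto3 grant_permissions(**req)."""
    return {
        "Principal": {"DataLakePrincipalIdentifier": role_arn},
        "Resource": {"Database": {"Name": database}},
        "Permissions": sorted(EXPECTED),
    }


def audit(entries, role_arn=ROLE_ARN, database=DATABASE):
    """Check PrincipalResourcePermissions entries; an empty result means the grant matches."""
    granted, grantable = set(), set()
    for e in entries:
        same_role = e["Principal"]["DataLakePrincipalIdentifier"] == role_arn
        resource = e["Resource"]
        # Only database-level grants on the target database are in scope here.
        if same_role and resource.get("Database", {}).get("Name") == database:
            granted |= set(e.get("Permissions", []))
            grantable |= set(e.get("PermissionsWithGrantOption", []))
    findings = []
    if "ALL" in granted:  # the console shows ALL as "Super"
        findings.append("Super (ALL) is granted")
    else:
        findings += [f"missing {p}" for p in sorted(EXPECTED - granted)]
    findings += [f"unexpected {p}" for p in sorted(granted - EXPECTED - {"ALL"})]
    findings += [f"grantable {p}" for p in sorted(grantable)]
    return findings


# Constructed sample in the shape of a ListPermissions response.
OTHER = "arn:aws:iam::111122223333:role/SomeOtherRole"  # hypothetical second principal
SAMPLE_OK = [
    {"Principal": {"DataLakePrincipalIdentifier": ROLE_ARN},
     "Resource": {"Database": {"Name": DATABASE}},
     "Permissions": ["ALTER", "CREATE_TABLE", "DROP"], "PermissionsWithGrantOption": []},
    {"Principal": {"DataLakePrincipalIdentifier": OTHER},
     "Resource": {"Database": {"Name": DATABASE}},
     "Permissions": ["ALL"], "PermissionsWithGrantOption": ["ALL"]},
]
SAMPLE_BAD = [dict(SAMPLE_OK[0], Permissions=["ALL"], PermissionsWithGrantOption=["ALTER"])]

if __name__ == "__main__":
    print(audit(SAMPLE_OK), audit(SAMPLE_BAD))
```

An empty findings list means the role holds exactly the three database permissions with no grant option; grants to other principals are ignored.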