Step 10: Grant SELECT on the tables
You must grant the SELECT
permission on the new Data Catalog tables so that the data
analyst can query the data that the tables point to.
Note
A workflow automatically grants the SELECT
permission on the tables that it
creates to the user who ran it. Because the data lake administrator ran this workflow, you must
grant SELECT
to the data analyst.
-
In the Lake Formation console, in the navigation pane, under Data catalog, choose Databases.
-
Choose the
lakeformation_cloudtrail
database, then, from the Actions drop-down list, choose Grant under the heading Permissions. -
In the Grant data permissions dialog box, make these selections:
-
Under Principals, for IAM user and roles, choose
datalake_user
. -
Under LF-Tags or catalog resources, choose Named data catalog resources.
-
For Databases, the
lakeformation_cloudtrail
database should already be selected. -
For Tables, choose
cloudtrailtest-cloudtrail
. -
Under Table and column permissions, choose Select.
-
-
Choose Grant.
The next step is performed as the data analyst.