Step 7: Grant data permissions - AWS Lake Formation

Step 7: Grant data permissions

You must grant permissions to create metadata tables in the Data Catalog. Because the workflow runs with the role LakeFormationWorkflowRole, you must grant these permissions to the role.

  1. On the Lake Formation console, in the navigation pane, under Data lake permissions, choose Data permissions.

  2. Choose Grant, and in the Grant data permissions dialog box, do the following:

    1. Under Principals, for IAM user and roles, choose LakeFormationWorkflowRole.

    2. Under LF-Tags or catalog resources, choose Named data catalog resources.

    3. For Databases, choose the database that you created previously, lakeformation_tutorial.

    4. Under Database permissions, select Create table, Alter, and Drop, and clear Super if it is selected.

  3. Choose Grant.

For more information about granting Lake Formation permissions, see Security and access Control to metadata and data in Lake Formation.