AWS Lake Formation
Developer Guide

Step 3: Give Users IAM Permissions to Use Lake Formation

To use the AWS Lake Formation permissions model, principals must have AWS Identity and Access Management (IAM) permissions on the Lake Formation APIs.

Create the following policy in IAM and attach it to every user who needs access to your data lake. Name the policy LakeFormationDataAccess.

{ "Version": "2012-10-17", "Statement": [ { "Sid": "LakeFormationDataAccess", "Effect": "Allow", "Action": [ "lakeformation:GetDataAccess" ], "Resource": "*" } ] }

Next, upgrade to Lake Formation permissions one data location at a time. See Step 4: Switch Your Data Stores to the Lake Formation Permissions Model.