AWS Lake Formation
Developer Guide

Step 5: Secure New Data Catalog Resources

Next, secure all new Data Catalog resources by changing the default Data Catalog settings. Turn off the options to use only AWS Identity and Access Management (IAM) access control for new databases and tables.

To change the default Data Catalog settings

  1. Open the AWS Lake Formation console at https://console.aws.amazon.com/lakeformation/. Sign in as an IAM administrative user (the user Administrator or another user with the AdministratorAccess AWS managed policy).

  2. In the navigation pane, choose Settings.

  3. On the Data catalog settings page, clear both check boxes, and then choose Save.

The next step is to grant users access to additional databases or tables in the future. See Step 6: Give Users a New IAM Policy for Future Data Lake Access.