AWS Lake Formation Data Lake Settings
This page shows how to write Terraform and CloudFormation for Lake Formation Data Lake Settings and write them securely.
aws_lakeformation_data_lake_settings (Terraform)
The Data Lake Settings in Lake Formation can be configured in Terraform with the resource name aws_lakeformation_data_lake_settings
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
-
admins
optional computed - set of string -
catalog_id
optional - string -
id
optional computed - string -
trusted_resource_owners
optional computed - list of string -
create_database_default_permissions
list block-
permissions
optional computed - set of string -
principal
optional computed - string
-
-
create_table_default_permissions
list block-
permissions
optional computed - set of string -
principal
optional computed - string
-
Explanation in Terraform Registry
Manages Lake Formation principals designated as data lake administrators and lists of principal permission entries for default create database and default create table permissions.
NOTE: Lake Formation introduces fine-grained access control for data in your data lake. Part of the changes include the
IAMAllowedPrincipals
principal in order to make Lake Formation backwards compatible with existing IAM and Glue permissions. For more information, see Changing the Default Security Settings for Your Data Lake and Upgrading AWS Glue Data Permissions to the AWS Lake Formation Model.
AWS::LakeFormation::DataLakeSettings (CloudFormation)
The DataLakeSettings in LakeFormation can be configured in CloudFormation with the resource name AWS::LakeFormation::DataLakeSettings
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
-
Admins
optional - Admins -
TrustedResourceOwners
optional - List
Explanation in CloudFormation Registry
The
AWS::LakeFormation::DataLakeSettings
resource is an AWS Lake Formation resource type that manages the data lake settings for your account. Note that the CloudFormation template only supports updating theAdmins
list. It does not support updating the CreateDatabaseDefaultPermissions or CreateTableDefaultPermissions. Those permissions can only be edited in the DataLakeSettings resource via the API.