Skip to content

Resource: awsLakeformationResource

Registers a Lake Formation resource (e.g., S3 bucket) as managed by the Data Catalog. In other words, the S3 path is added to the data lake.

Choose a role that has read/write access to the chosen Amazon S3 path or use the service-linked role. When you register the S3 path, the service-linked role and a new inline policy are created on your behalf. Lake Formation adds the first path to the inline policy and attaches it to the service-linked role. When you register subsequent paths, Lake Formation adds the path to the existing policy.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const dataAwsS3BucketExample = new aws.dataAwsS3Bucket.DataAwsS3Bucket(
  this,
  "example",
  {
    bucket: "an-example-bucket",
  }
);
const awsLakeformationResourceExample =
  new aws.lakeformationResource.LakeformationResource(this, "example_1", {
    arn: dataAwsS3BucketExample.arn,
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsLakeformationResourceExample.overrideLogicalId("example");

Argument Reference

  • arn – (Required) Amazon Resource Name (ARN) of the resource, an S3 path.
  • roleArn – (Optional) Role that has read/write access to the resource. If not provided, the Lake Formation service-linked role must exist and is used.

\~> NOTE: AWS does not support registering an S3 location with an IAM role and subsequently updating the S3 location registration to a service-linked role.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • lastModified - (Optional) The date and time the resource was last modified in RFC 3339 format.