Is it possible to somehow grant permissions to ALL available databases in Lake Formation? Using the AWS UI I'm able to grant permission to individual databases. However I'm looking for a way to grant permissions to all available databases. Is that possible somehow?
Asked
Active
Viewed 1,100 times
2 Answers
1
Use tags
Create a tag "admin": "true" (or anything else more suitable for your need) Associate this tag to all db ( no need to associate table, they will inherit the tag value from their db) grant desired permissions on this tag to your user/role.
Benfit : any new db or tables tagged with this tag key/value will be accessible
AreuGTOready
- 11
- 1
0
Figured out how to use the CLI for that for individual databases. However, AWS confirms theres no API available for batch processing. Anyway this can be modified in a batch script or whatever one prefers to make it work in a batch style:
aws lakeformation grant-permissions --profile <your-profile> --principal '{"DataLakePrincipalIdentifier": "arn:aws:iam::<account-id>:role/<role>"}' --resource '{"Database": {"Name": "<database-name>", "CatalogId": "<account-id>"}}' --permissions ALL --permissions-with-grant-option ALL
plazmakeks
- 161
- 1
- 10