L1 Construct: AWS::LakeFormation::PrincipalPermissions

CfnPrincipalPermissions

The `AWS::LakeFormation::PrincipalPermissions` resource represents the permissions that a principal has on a Data Catalog resource (such as AWS Glue databases or AWS Glue tables). When you create a `PrincipalPermissions` resource, the permissions are granted via the AWS Lake Formation `GrantPermissions` API operation. When you delete a `PrincipalPermissions` resource, the permissions on the principal-resource pair are revoked via the AWS Lake Formation `RevokePermissions` API operation.

Import

```typescript
import { CfnPrincipalPermissions } from 'aws-cdk-lib/aws-lakeformation';
```

Or use the module namespace:

```typescript
import * as lakeformation from 'aws-cdk-lib/aws-lakeformation';
// lakeformation.CfnPrincipalPermissions
```

Properties

Configuration passed to the constructor as `CfnPrincipalPermissionsProps`.

permissions (Required)
string[]

The permissions granted or revoked.

permissionsWithGrantOption (Required)
string[]

Indicates the ability to grant permissions (as a subset of permissions granted).

principal (Required)
IResolvable | DataLakePrincipalProperty

The principal to be granted a permission.

resource (Required)
IResolvable | ResourceProperty

The resource to be granted or revoked permissions.

catalog (Optional)
string

The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.
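A review check to run over grant props before they are passed to `new CfnPrincipalPermissions(...)`, as an added example that is not part of the original page or of the CDK. It enforces the subset rule described for `permissionsWithGrantOption` and flags grants that allow re-delegation or use `ALL`; the `GrantProps` type, the `reviewGrant` function and the sample account, role and table names are assumptions made for illustration.

```typescript
// Local types mirroring the CfnPrincipalPermissionsProps fields listed on this page
// (only the parts this check reads; an assumption, not the CDK's own types).
interface GrantProps {
  permissions: string[];
  permissionsWithGrantOption: string[];
  principal: { dataLakePrincipalIdentifier?: string };
  resource: Record<string, unknown>;
  catalog?: string;
}
type Finding = { severity: "error" | "warn"; message: string };

// Review one grant; `id` is the construct ID used only to label findings.
function reviewGrant(id: string, props: GrantProps): Finding[] {
  const findings: Finding[] = [];
  const granted = new Set(props.permissions);
  // The grant option must be a subset of the permissions granted (literal name match).
  const extra = props.permissionsWithGrantOption.filter((p) => !granted.has(p));
  if (extra.length > 0) {
    findings.push({ severity: "error",
      message: `${id}: grant option on ${extra.join(", ")} without granting it` });
  }
  // Any grant option lets the principal pass the permission on to other principals.
  if (props.permissionsWithGrantOption.length > 0) {
    findings.push({ severity: "warn",
      message: `${id}: principal can re-grant ${props.permissionsWithGrantOption.join(", ")}` });
  }
  // ALL is broader than a named list such as SELECT or DESCRIBE.
  if (granted.has("ALL")) {
    findings.push({ severity: "warn", message: `${id}: grants ALL; list the permissions needed` });
  }
  if (!props.principal.dataLakePrincipalIdentifier) {
    findings.push({ severity: "error", message: `${id}: principal identifier is empty` });
  }
  return findings;
}

// Constructed sample grants (account ID, role and table names are placeholders).
const analystRead: GrantProps = {
  permissions: ["SELECT", "DESCRIBE"],
  permissionsWithGrantOption: [],
  principal: { dataLakePrincipalIdentifier: "arn:aws:iam::111122223333:role/AnalystRole" },
  resource: { table: { catalogId: "111122223333", databaseName: "sales", name: "orders" } },
};
const overBroad: GrantProps = {
  ...analystRead,
  permissions: ["ALL"],
  permissionsWithGrantOption: ["ALL"],
};
```

Failing the build on any `error` finding and requiring a reviewer sign-off on `warn` findings keeps re-grantable and `ALL` permissions from reaching `GrantPermissions` unnoticed.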

CloudFormation Resource

This L1 construct maps directly to the CloudFormation resource type `AWS::LakeFormation::PrincipalPermissions`.
