AWS::LakeFormation::Resource
The AWS::LakeFormation::Resource represents the data ( buckets and folders) that is being registered with AWS Lake Formation.
During a stack operation, AWS CloudFormation calls the AWS Lake Formation
RegisterResource API operation to register the resource.
To remove a Resource type, AWS CloudFormation calls the AWS Lake Formation
DeregisterResource API operation.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::LakeFormation::Resource", "Properties" : { "HybridAccessEnabled" :Boolean, "ResourceArn" :String, "RoleArn" :String, "UseServiceLinkedRole" :Boolean, "WithFederation" :Boolean} }
YAML
Type: AWS::LakeFormation::Resource Properties: HybridAccessEnabled:BooleanResourceArn:StringRoleArn:StringUseServiceLinkedRole:BooleanWithFederation:Boolean
Properties
HybridAccessEnabled-
Indicates whether the data access of tables pointing to the location can be managed by both Lake Formation permissions as well as Amazon S3 bucket policies.
Required: No
Type: Boolean
Update requires: No interruption
ResourceArn-
The Amazon Resource Name (ARN) of the resource.
Required: Yes
Type: String
Update requires: Replacement
RoleArn-
The IAM role that registered a resource.
Required: No
Type: String
Pattern:
arn:aws:iam::[0-9]*:role/.*Update requires: No interruption
UseServiceLinkedRole-
Designates a trusted caller, an IAM principal, by registering this caller with the Data Catalog.
Required: Yes
Type: Boolean
Update requires: No interruption
WithFederation-
Allows Lake Formation to assume a role to access tables in a federated database.
Required: No
Type: Boolean
Update requires: No interruption
Return values
Fn::GetAtt
