Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account

Granting resource link permissions

PDF
Focus mode
Granting resource link permissions - AWS Lake Formation

Follow these steps to grant AWS Lake Formation permissions on one or more resource links to a principal in your AWS account.

After you create a resource link, only you can view and access it. (This assumes that Use only IAM access control for new tables in this database is not enabled for the database.) To permit other principals in your account to access the resource link, grant at least the DESCRIBE permission.

Important

Granting permissions on a resource link doesn't grant permissions on the target (linked) database or table. You must grant permissions on the target separately.

You can grant permissions by using the Lake Formation console, the API, or the AWS Command Line Interface (AWS CLI).

console
To grant resource link permissions using the Lake Formation console

  1. Do one of the following:

  2. Under Permissions, select the permissions to grant. Optionally, select grantable permissions.

    The Permissions section contains two tiles. Each tile contains a option button and text. The Resource link permissions tile is selected. The other tile is disabled, because it relates to table permissions. Below the tiles is a group of check boxes for resource link permissions to grant. Check boxes include Drop, Describe, and Super. Below that group is another group of the same check boxes for grantable permissions.

  3. Choose Grant.

AWS CLI
To grant resource link permissions using AWS CLI

  • Run the grant-permissions command, specifying a resource link as the resource.

    This example grants DESCRIBE to user datalake_user1 on the table resource link incidents-link in the database issues in AWS account 1111-2222-3333.

    aws lakeformation grant-permissions --principal DataLakePrincipalIdentifier=arn:aws:iam::111122223333:user/datalake_user1 --permissions "DESCRIBE" --resource '{ "Table": {"DatabaseName":"issues", "Name":"incidents-link"}}'
anchoranchor
To grant resource link permissions using the Lake Formation console

  1. Do one of the following:

  2. Under Permissions, select the permissions to grant. Optionally, select grantable permissions.

    The Permissions section contains two tiles. Each tile contains a option button and text. The Resource link permissions tile is selected. The other tile is disabled, because it relates to table permissions. Below the tiles is a group of check boxes for resource link permissions to grant. Check boxes include Drop, Describe, and Super. Below that group is another group of the same check boxes for grantable permissions.

  3. Choose Grant.

See Also:

Related resources

AWS Lake Formation API Reference
AWS CLI commands for AWS Lake Formation
SDKs & Tools 

Related resources

AWS Lake Formation API Reference
AWS CLI commands for AWS Lake Formation
SDKs & Tools 
PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.