Resource link handling in AWS Glue
APIs
The following tables explain how the AWS Glue Data Catalog APIs handle database and table resource
links. For all Get* API operations, only databases and tables that the caller has
permissions on get returned. Also, when accessing a target database or table through a
resource link, you must have both AWS Identity and Access Management (IAM) and Lake Formation permissions on both the target
and the resource link. The Lake Formation permission that is required on resource links is
DESCRIBE. For more information, see DESCRIBE.
Database API operations
| API operation |
Resource link handling |
CreateDatabase |
If the database is a resource link, creates the resource link to the designated
target database. |
UpdateDatabase |
If the designated database is a resource link, follows the link and updates the
target database. If the resource link must be modified to link to a different
database, you must delete it and create a new one. |
DeleteDatabase |
Deletes the resource link. It doesn't delete the linked (target)
database. |
GetDatabase |
If the caller has permissions on the target, follows the link to return the
target's properties. Otherwise, it returns the properties of the link. |
GetDatabases |
Returns a list of databases, including resource links. For each resource link in
the result set, the operation follows the link to get the properties of the link
target. You must specify ResourceShareType = ALL to see the
databases shared with your account. |
Table API operations
| API operation |
Resource link handling |
CreateTable |
If the database is a resource link, follows the database link and creates a table
in the target database. If the table is a resource link, the operation creates the
resource link in the designated database. Creating a table resource link through a
database resource link is not supported. |
UpdateTable |
If either the table or designated database is a resource link, updates the target
table. If both the table and database are resource links, the operation fails. |
DeleteTable |
If the designated database is a resource link, follows the link and deletes the
table or table resource link in the target database. If the table is a resource link,
the operation deletes the table resource link in the designated database. Deleting a
table resource link does not delete the target table. |
BatchDeleteTable |
Same as DeleteTable. |
GetTable |
If the designated database is a resource link, follows the database link and
returns the table or table resource link from the target database. Otherwise, if the
table is a resource link, the operation follows the link and returns the target table
properties. |
GetTables |
If the designated database is a resource link, follows the database link and
returns the tables and table resource links from the target database. If the target
database is a shared database from another AWS account, the operation returns only
the shared tables in that database. It doesn't follow the table resource links in the
target database. Otherwise, if the designated database is a local (owned) database,
the operation returns all the tables in the local database, and follows each table
resource link to return target table properties. |
SearchTables |
Returns tables and table resource links. It doesn't follow links to return target
table properties. You must specify ResourceShareType = ALL
to see tables shared with your account. |
GetTableVersion |
Same as GetTable. |
GetTableVersions |
Same as GetTable. |
DeleteTableVersion |
Same as DeleteTable. |
BatchDeleteTableVersion |
Same as DeleteTable. |
Partition API operations
| API operation |
Resource link handling |
CreatePartition |
If the designated database is a resource link, follows the database link and
creates a partition in the designated table in the target database. If the table is a
resource link, the operation follows the resource link and creates the partition in
the target table. Creating a partition through both a table resource link and database
resource link is not supported. |
BatchCreatePartition |
Same as CreatePartition. |
UpdatePartition |
If the designated database is a resource link, follows the database link and
updates the partition in the designated table in the target database. If the table is
a resource link, the operation follows the resource link and updates the partition in
the target table. Updating a partition through both a table resource link and database
resource link is not supported. |
DeletePartition |
If the designated database is a resource link, follows the database link and
deletes the partition in the designated table in the target database. If the table is
a resource link, the operation follows the resource link and deletes the partition in
the target table. Deleting a partition through both a table resource link and database
resource link is not supported. |
BatchDeletePartition |
Same as DeletePartition. |
GetPartition |
If the designated database is a resource link, follows the database link and
returns partition information from the designated table. Otherwise, if the table is a
resource link, the operation follows the link and returns partition information. If
both the table and database are resource links, it returns an empty result
set. |
GetPartitions |
If the designated database is a resource link, follows the database link and
returns partition information for all partitions in the designated table. Otherwise,
if the table is a resource link, the operation follows the link and returns partition
information. If both the table and database are resource links, it returns an empty
result set. |
BatchGetPartition |
Same as GetPartition. |
User-defined functions API operations
| API operation |
Resource Link Handling |
| (All API operations) |
If the database is a resource link, follows the resource link and performs the
operation on the target database. |
