Working with Amazon Lake Formation-protected data
Full Table Access
Amazon Glue supports Full Table Access (FTA) for Amazon Lake Formation-protected tables. This allows your ETL jobs to read and write data with full table permissions.
Prerequisites
-
Appropriate IAM roles and permissions
-
Amazon Lake Formation configured for your data catalog
-
Compatible table types (Hive or Iceberg)
Key considerations
Required permissions
-
lakeformation:GetDataAccess
IAM permission -
Amazon Lake Formation table permissions
-
Amazon S3 bucket access permissions
Supported table types
-
Hive tables
-
Iceberg tables
Limitations
-
Not compatible with Spark Streaming
-
Cannot be used simultaneously with fine-grained access control
-
Does not support Delta or Hudi tables
Best Practices
-
Ensure IAM roles are properly configured before job execution
-
Test access permissions in a development environment
-
Monitor job execution logs for permission-related issues
-
Maintain clear documentation of access patterns
Troubleshooting
Common issues include:
-
Missing IAM permissions
-
Incorrect Amazon Lake Formation configuration
-
Table type compatibility problems
For complete setup instructions and configuration details, see
Using Amazon Lake Formation with full table access