Step 1: Provision your resources using Amazon CloudFormation templates - Amazon Lake Formation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Step 1: Provision your resources using Amazon CloudFormation templates

The CloudFormation template for the producer account generates the following resources:

  • An Amazon S3 bucket to serve as the data lake.

  • A Lambda function (for Lambda-backed Amazon CloudFormation custom resources). We use the function to copy sample data files from the public Amazon S3 bucket to your Amazon S3 bucket.

  • IAM users and policies: DataLakeAdminProducer.

  • The appropriate Lake Formation settings and permissions including:

    • Defining the Lake Formation data lake administrator in the producer account

    • Registering an Amazon S3 bucket as the Lake Formation data lake location (producer account)

  • An Amazon Glue Data Catalog database, table, and partition. Since there are two options for sharing resources across Amazon Web Services accounts, this template creates two separate sets of database and table.

The Amazon CloudFormation template for the consumer account generates the following resources:

  • IAM users and policies:

    • DataLakeAdminConsumer

    • DataAnalyst

  • An Amazon Glue Data Catalog database. This database is for creating resource links to shared resources.

Create your resources in the producer account

  1. Sign into the Amazon CloudFormation console at https://console.amazonaws.cn/cloudformation in the US East (N. Virginia) region.

  2. Choose Launch Stack.

  3. Choose Next.

  4. For Stack name, enter a stack name, such as stack-producer.

  5. In the User Configuration section, enter user name and password for ProducerDatalakeAdminUserName and ProducerDatalakeAdminUserPassword.

  6. For DataLakeBucketName, enter the name of your data lake bucket. This name needs to be globally unique.

  7. For DatabaseName and TableName, leave the default values.

  8. Choose Next.

  9. On the next page, choose Next.

  10. Review the details on the final page and select I acknowledge that Amazon CloudFormation might create IAM resources.

  11. Choose Create.

    The stack creation can take up to one minute.

Create your resources in the consumer account

  1. Sign into the Amazon CloudFormation console at https://console.amazonaws.cn/cloudformation in the US East (N. Virginia) region.

  2. Choose Launch Stack.

  3. Choose Next.

  4. For Stack name, enter a stack name, such as stack-consumer.

  5. In the User Configuration section, enter user name and password for ConsumerDatalakeAdminUserName and ConsumerDatalakeAdminUserPassword.

  6. For DataAnalystUserName and DataAnalystUserPassword, enter the user name and password you want for the data analyst IAM user.

  7. For DataLakeBucketName, enter the name of your data lake bucket. This name needs to be globally unique.

  8. For DatabaseName, leave the default values.

  9. For AthenaQueryResultS3BucketName, enter the name of the Amazon S3 bucket that stores Amazon Athena query results. If you don’t have one, create an Amazon S3 bucket.

  10. Choose Next.

  11. On the next page, choose Next.

  12. Review the details on the final page and select I acknowledge that Amazon CloudFormation might create IAM resources.

  13. Choose Create.

    The stack creation can take up to one minutes.

Note

After completing the tutorial, delete the stack in Amazon CloudFormation to avoid incurring charges. Verify that the resources are successfully deleted in the event status for the stack.