第1步: 创建 IAM 用户将成为数据分析师 - AWS Lake Formation
AWS 文档中描述的 AWS 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 AWS 服务入门

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

第1步: 创建 IAM 用户将成为数据分析师

在此步骤中,您将创建一个 AWS Identity and Access Management (人IAM)用户将成为您数据湖的数据分析师 AWS Lake Formation.

This user has the minimum set of permissions to query the data lake.

  1. Open the IAM console at https://console.aws.amazon.com/iam. Sign in as the IAM administrator user that you created in 创建 IAM 管理员用户 or as an IAM user with the AdministratorAccess AWS managed policy.

  2. Create a user named datalake_user with the following settings:

    • Enable AWS 管理控制台 access.

    • Set a password and do not require password reset.

    • Attach the AmazonAthenaFullAccess AWS managed policy.

    • Attach the following inline policy. Name the policy DatalakeUserBasic. 

      {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "lakeformation:GetDataAccess",
                "glue:GetTable",
                "glue:GetTables",
                "glue:SearchTables",
                "glue:GetDatabase",
                "glue:GetDatabases",
                "glue:GetPartitions"
            ],
            "Resource": "*"
        }
    ]
}