Help Center>
DataArts Lake Formation>
User Guide>
Preparations>
Configuring Cloud Service Authorization
Updated on 2024-02-02 GMT+08:00
Configuring Cloud Service Authorization
Before using LakeFormation, you need to authorize it to access related cloud services.
- IAM ReadOnlyAccess: allows your instance to obtain user group and user information when running.
- OBS OperateAccess: provides the storage function for your instance.
- OBS AccessLabel: allows your instance to control permissions by using tagging.
- OBS Bucket Lifecycle: This permission is required to manage the lifecycle of instances.
- VPCEndpoint Administrator: allows you to operate on VPC endpoint for instance access management.
- DNS FullAccess: allows you to modify DNS private domain names for instance access management.
Procedure
- Log in to the LakeFormation console.
- Click the service list and choose Analytics > LakeFormation. On the displayed page, click Service Authorization the left navigation pane.
Figure 1 Authorization
- Select "I have read and agree with the LakeFormation Service Statement." and click Authorized.
After cloud service authorization, LakeFormation will create an agency named lakeformation_admin_trust in Identity and Access Management (IAM). Do not delete the agency when using LakeFormation.
If the agency fails to be automatically created, log in to the IAM console, delete the agency or contact the administrator to increase the quota, and check whether the current user has the permission to create an agency.
Parent topic: Preparations
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
