
Access Amazon S3 data files directly using AWS Lake Formation permissions

Big Data Blog



This article announces Lake Formation's new capability to access S3 data files directly using Lake Formation permissions, eliminating separate S3 bucket policies.

  • Data scientists can read/write S3 files using Spark APIs governed by Lake Formation permissions
  • New GetTemporaryDataLocationCredentials() API vends temporary scoped credentials for S3 locations
  • Unified permissions eliminate operational overhead and permission drift between systems
  • Java plugin integrated into EMR 7.13+ automatically handles credential vending for S3 access
  • Supports EMR Spark, SageMaker Unified Studio, and custom applications
  • Single audit trail in CloudTrail for both table and file-level access
  • Reduces complexity for operations teams managing separate permission policies

Lake Formation now provides unified governance for both SQL table access and direct S3 file access, simplifying data lake management while maintaining fine-grained access control and compliance auditing.


