diff --git a/data-exports/deploy/data-exports-aggregation.yaml b/data-exports/deploy/data-exports-aggregation.yaml index 109549bd..2505b78d 100644 --- a/data-exports/deploy/data-exports-aggregation.yaml +++ b/data-exports/deploy/data-exports-aggregation.yaml @@ -1235,6 +1235,20 @@ Resources: Name: !Join [ '_', !Split [ '-', !Sub '${ResourcePrefix}_data_export' ] ] # replace '-' to '_' CatalogId: !Sub "${AWS::AccountId}" + LakeFormationCrawlerForDatabase: + Type: AWS::LakeFormation::TagAssociation + Condition: NeedLakeFormationEnabledDB + Properties: + Principal: !GetAtt CidDataExportCrawlerRole.Arn + Resource: + Database: + CatalogId: !Ref "AWS::AccountId" + Name: !Ref CIDDatabase + Permissions: + - DESCRIBE + PermissionsWithGrantOption: [] + + ########################################################################### # CUR2 ########################################################################### @@ -1380,6 +1394,25 @@ Resources: } } + CURCrawlerTablePermissions: + Type: AWS::LakeFormation::PrincipalPermissions + Condition: NeedLakeFormationEnabledCUR2 + Properties: + Principal: !GetAtt CidDataExportCrawlerRole.Arn + Resource: + TableResource: + CatalogId: !Ref AWS::AccountId + DatabaseName: !Ref CIDDatabase + Name: !Ref CURTable + Permissions: + - SELECT + - DESCRIBE + - ALTER + - INSERT + - DELETE + PermissionsWithGrantOption: [] + + ########################################################################### # FOCUS ########################################################################### @@ -1502,6 +1535,25 @@ Resources: } } + FOCUSCrawlerTablePermissions: + Type: AWS::LakeFormation::PrincipalPermissions + Condition: NeedLakeFormationEnabledFOCUS + Properties: + Principal: !GetAtt CidDataExportCrawlerRole.Arn + Resource: + TableResource: + CatalogId: !Ref AWS::AccountId + DatabaseName: !Ref CIDDatabase + Name: !Ref FOCUSTable + Permissions: + - SELECT + - DESCRIBE + - ALTER + - INSERT + - DELETE + PermissionsWithGrantOption: [] + + ########################################################################### # COH ########################################################################### @@ -1606,6 +1658,24 @@ Resources: } } + COHCrawlerTablePermissions: + Type: AWS::LakeFormation::PrincipalPermissions + Condition: NeedLakeFormationEnabledCOH + Properties: + Principal: !GetAtt CidDataExportCrawlerRole.Arn + Resource: + TableResource: + CatalogId: !Ref AWS::AccountId + DatabaseName: !Ref CIDDatabase + Name: !Ref COHTable + Permissions: + - SELECT + - DESCRIBE + - ALTER + - INSERT + - DELETE + PermissionsWithGrantOption: [] + ########################################################################### # Carbon emissions ########################################################################### @@ -1696,6 +1766,28 @@ Resources: } } + CarbonCrawlerTablePermissions: + Type: AWS::LakeFormation::PrincipalPermissions + Condition: NeedLakeFormationEnabledCarbon + Properties: + Principal: !GetAtt CidDataExportCrawlerRole.Arn + Resource: + TableResource: + CatalogId: !Ref AWS::AccountId + DatabaseName: !Ref CIDDatabase + Name: !Ref CarbonTable + Permissions: + - SELECT + - DESCRIBE + - ALTER + - INSERT + - DELETE + PermissionsWithGrantOption: [] + +########################################################################### +# Lake Formation for tags +########################################################################### + LakeFormationTagsForDatabase: Type: AWS::LakeFormation::TagAssociation Condition: NeedLakeFormationEnabledDB