Closed arun1ram closed 1 year ago
Hi @arun1ram apologies for the delayed response.
I cannot reproduce the issue. Calling grantPermissions
returns status code 200 and listPermissions
returns:
permissions:{PrincipalResourcePermissions: [{Principal: {DataLakePrincipalIdentifier: arn:aws:iam::xxx:user/User},Resource: {Database: {CatalogId: xxx,Name: mydatabase},},Permissions: [ALL],PermissionsWithGrantOption: [],}],}
My guess is that in your example you are granting permission to one database but listing permissions of a different database:
GrantPermissionsRequest grantPermRequest = new GrantPermissionsRequest()
.withResource(new Resource().withTable(new TableResource()
.withDatabaseName("some valid db name") //<--- database is "some valid db name"
.withTableWildcard(new TableWildcard())))
.withPermissions(Permission.SELECT)
.withPrincipal(new DataLakePrincipal().withDataLakePrincipalIdentifier("some valid arn"));
final GrantPermissionsResult grantPermissionsResult = awsLakeFormationClient.grantPermissions(grantPermRequest);
System.out.println("status code:" + grantPermissionsResult.getSdkHttpMetadata().getHttpStatusCode());
DatabaseResource databaseResource = new DatabaseResource()
.withName(databaseName); //<--- database is probably not "some valid db name"
final ListPermissionsResult listPermissionsResult = awsLakeFormationClient.listPermissions(new ListPermissionsRequest()
.withResource(new Resource().withDatabase(databaseResource))
.withPrincipal(new DataLakePrincipal()
.withDataLakePrincipalIdentifier("some valid arn"))
);
System.out.println("permissions:" + listPermissionsResult);
This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.
I am trying to use the Lake formation Java API to grant permissions to an IAM user. I am able to use the AWS console to do the same (see screenshot for what I am trying to do). However when I use the following Java code, I do not get any error response but the permissions are actually not granted.
The above request returns a 200 response and prints empty permissions result as below: