ReleaseBytes
aws AWS What's New ·

AWS Lake Formation Adds Direct S3 Data File Access via Table Permissions

dataawsengineerhealthcare
feature

AWS Lake Formation now allows direct read and write access to underlying Amazon S3 data files for tables using existing Lake Formation table grants, consolidating permissions for SQL and file-based operations. This enables Spark jobs for tasks like model training and feature engineering by providing temporary, scoped S3 credentials based on table permissions. The feature is integrated with Amazon EMR 7.13+ and logged in AWS CloudTrail, available at no extra charge across all supported AWS Regions.

  • Enable direct S3 file access using Lake Formation table permissions
  • Scoped credentials for S3 file access
  • Support for Spark jobs on EMR
  • API and plugin integration for Spark and Trino
  • Unified audit trail with AWS CloudTrail
Features (2)
  • Enable direct S3 file access using Lake Formation table permissions

    AWS Lake Formation now provides direct read and write access to underlying Amazon S3 data files for tables registered in the AWS Glue Data Catalog. This capability consolidates permissions for both SQL queries and direct file access, using existing Lake Formation table grants.

  • Scoped credentials for S3 file access

    Lake Formation issues temporary, scoped credentials for registered S3 locations based on table permissions, granting read access with SELECT permissions and read/write access with SUPER permissions.

Enhancements (3)
  • Support for Spark jobs on EMR

    This capability is integrated with Amazon EMR 7.13 or later, allowing direct access to data files from Spark jobs for tasks like model training, feature engineering, or debugging data quality issues.

  • API and plugin integration for Spark and Trino

    Apache Spark or Trino applications can integrate with this feature using APIs or through an open-source plugin provided by AWS.

  • Unified audit trail with AWS CloudTrail

    All access to data files is logged in AWS CloudTrail, providing a unified audit trail for both SQL and file-based operations on Lake Formation tables.

Notes (1)
  • Availability and Cost

    This feature is available at no additional charge in all AWS Regions where AWS Lake Formation is offered.

Read the original announcement →

https://aws.amazon.com/about-aws/whats-new/2026/06/aws-lake-formation-access-data-amazon-s3