# Working with other AWS services
AWS services such as Amazon Athena, AWS Glue, Amazon Redshift Spectrum, and Amazon EMR can use AWS Lake Formation to securely access data in Amazon S3 locations registered with Lake Formation. With Lake Formation, you can define and manage fine-grained access control (FGAC) permissions for your tables in the AWS Glue Data Catalog. Each of these AWS services is a trusted caller to Lake Formation, and Lake Formation provides access to data stored in Amazon S3 through temporary credentials. For more information, see [How Lake Formation application integration works](how-vending-works.md).
To avail these capabilities, Lake Formation requires you to first register the Amazon S3 location, and assign appropriate permissions to the IAM principal for accessing the table, the database, and the Amazon S3 location. For more information see, [Managing Lake Formation permissions](managing-permissions.md).
The following tables lists the types of Lake Formation permissions supported by Amazon Athena, AWS Glue, Amazon EMR, and Amazon Redshift Spectrum to access data from AWS Glue standard tables and transactional tables ([Apache Iceberg](https://iceberg.apache.org/), [Apache Hudi](https://hudi.incubator.apache.org/), and [Linux foundation Delta Lake](https://delta.io/)) with data stored in Amazon S3 and table metadata in the Data Catalog .
**AWS services and supported permission types for AWS Glue standard tables and views**
| AWS service | Table-level permissions | Column-level permissions | Row and cell-level permissions |
| --- | --- | --- | --- |
| [Athena SQL](https://docs.aws.amazon.com/lake-formation/latest/dg/athena-lf.html) | Read/write access | Read access | Read access |
| Athena Spark | Not supported | Not supported | Not supported |
| [Redshift Spectrum](https://docs.aws.amazon.com/lake-formation/latest/dg/RSPC-lf.html) on a provisioned cluster or Amazon Redshift serverless | Read/write access | Read access | Read access |
| [Apache Spark on Amazon EMR (EC2)](https://docs.aws.amazon.com/lake-formation/latest/dg/emr-integ-lf.html) | Read/write access | Read access | Read access |
| [Apache Hive on Amazon EMR (EC2)](https://docs.aws.amazon.com/lake-formation/latest/dg/emr-integ-lf.html) | Read/write access | Read access | Not supported |
| [Apache Spark on EMR Serverless](https://docs.aws.amazon.com/lake-formation/latest/dg/emr-integ-lf.html) | Read/write access | Read access | Read access |
| Apache Hive on EMR Serverless | Not supported | Not supported | Not supported |
| Amazon EMR on EKS | Not supported | Not supported | Not supported |
| [AWS Glue ETL](https://docs.aws.amazon.com/lake-formation/latest/dg/glue-features-lf.html) | Read/write access | AWS Glue 5.0 or higher supports read access. | AWS Glue 5.0 or higher supports read access. |
**Considerations and limitations**
+ Athena Spark doesn't support querying Data Catalog tables with Lake Formation permissions.
+ Athena SAML-based users can read data sources secured using Lake Formation permissions by enabling SAML 2.0-based federation. SAML users can insert data into Parquet tables.
+ Apache Spark on EMR Serverless doesn't support querying Data Catalog views.
+ Apache Hive on EMR Serverless doesn't support querying tables with Lake Formation permissions.
+ AWS Glue 5.0 or higher supports fine-grained access controls on Iceberg and Hive tables in the Data Catalog that are backed by S3. This capability lets you configure table, row, column, and cell level access controls for read queries within your AWS Glue for Apache Spark jobs.
For more information, see [AWS Glue versions](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html).
**AWS services and supported permission types for transactional table formats**
| AWS service | Iceberg | Hudi | Delta Lake (native) | Delta Lake (symlink tables) |
| --- | --- | --- | --- | --- |
| [Athena SQL](https://docs.aws.amazon.com/lake-formation/latest/dg/athena-lf.html) | Supports reading tables with table, column, row, and cell-level permissions. Write operations require full table access. | Supports read and create operations on tables with table, column, row, and cell-level permissions. Write operations are not supported. | Athena (engine version 3) supports reading native Delta Lake tables with table, column, row, and cell-level permissions. Write operations are not supported. | Athena (engine version 3) supports reading symlink Delta Lake tables with table, column, row, and cell-level permissions. Write operations are not supported. |
| [Redshift Spectrum](https://docs.aws.amazon.com/lake-formation/latest/dg/RSPC-lf.html) on a provisioned cluster | Supports reading tables with table, column, row, and cell-level permissions. Write operations are not supported. | Supports reading tables with table, column, row, and cell-level permissions. Write operations are not supported. | No supported | Supports reading Delta Lake tables via symlink manifest with table, column, row, and cell-level permissions. Write operations are not supported. |
| [Apache Spark on Amazon EMR (EC2)](https://docs.aws.amazon.com/lake-formation/latest/dg/emr-integ-lf.html) | Supports reading tables with table, column, row, and cell-level permissions. Write operations require full table access. | Supports reading tables with table, column, row, and cell-level permissions. Write operations require full table access. | Supports reading tables with table, column, row, and cell-level permissions. Write operations are not supported. | Supports reading tables with table, column, row, and cell-level permissions. Write operations require full table access. |
| [AWS Glue ETL](https://docs.aws.amazon.com/lake-formation/latest/dg/glue-features-lf.html) | AWS Glue 5.0 or higher supports reading tables with table, column, row, and cell-level permissions. | Supports read/write on tables with table-level permissions. | Supports read/write on tables with table-level permissions. | Supports read/write on tables with table-level permissions. |
**Topics**
+ [Using AWS Lake Formation with Amazon Athena](athena-lf.md)
+ [Using AWS Lake Formation with Amazon Redshift Spectrum](RSPC-lf.md)
+ [Using AWS Lake Formation with AWS Glue](glue-features-lf.md)
+ [Using AWS Lake Formation with Amazon EMR](emr-integ-lf.md)
+ [Using AWS Lake Formation with Quick](qs-integ-lf.md)
+ [Using AWS Lake Formation with AWS CloudTrail Lake](cloudtrail-lake-integ-lf.md)
# Using AWS Lake Formation with Amazon Athena
[Amazon Athena](https://docs.aws.amazon.com/athena/index.html) is a server-less query service that helps you analyze structured, semi-structured, and unstructured data stored in Amazon S3. You can use Athena SQL to query data from CSV, JSON, Parquet, and Avro data formats. Athena SQL also supports table formats like [Apache Hive](https://hive.apache.org/), [Apache Hudi](https://hudi.apache.org/), and [Apache Iceberg](https://iceberg.apache.org/). Athena integrates with the AWS Glue Data Catalog to store metadata of your data sets in Amazon S3. Athena can use Lake Formation to define and maintain access control policies on those data sets.
Here are some common use cases where you can use Lake Formation with Athena.
+ Use Lake Formation permissions for accessing the Data Catalog resources (database and tables) from Athena. You can use either the named resource method or LF-tags to define permissions on database and tables. For more information, see:
+ [Granting database permissions using the named resource method](granting-database-permissions.md)
+ [Lake Formation tag-based access control](tag-based-access-control.md)
**Note**
Lake Formation permissions apply only when using Athena SQL to query source data from Amazon S3 and metadata in the Data Catalog.
Athena Spark doesn't support querying Data Catalog tables with Lake Formation permissions. Lake Formation permissions support both read and write operations on databases and tables.
**Note**
You can't apply data filters when you use LF-Tags to manage permissions on Data Catalog resources.
+ Control the query results by using [Data filters in Lake Formation](data-filtering.md#data-filters-about) to secure tables in your Amazon S3 data lakes by granting permissions at column, row, and cell-levels. See the [limitation on partition projection](https://docs.aws.amazon.com/athena/latest/ug/lf-athena-limitations.html#lf-athena-limitations-data-filters) in Amazon Athena User Guide.
+ Enforce fine-grained access control on the data available to the SAML-based Athena user when running federated queries.
Athena JDBC and ODBC drivers support configuring federated access to your data source using SAML-based Identity Provider (IdP). Use Quick integrated with Lake Formation with your existing IAM role or SAML users or groups to visualize Athena query results.
**Note**
Lake Formation permissions for SAML users and groups will apply only when you submit queries to Athena using the JDBC or ODBC driver.
For more information, see [Using Lake Formation and the Athena JDBC and ODBC drivers for federated access to Athena](https://docs.aws.amazon.com/athena/latest/ug/security-athena-lake-formation-jdbc.html).
**Note**
Currently, authorizing access to SAML identities in Lake Formation is not supported in the following regions:
Middle East (Bahrain) - me-south-1
Asia Pacific (Hong Kong) - ap-east-1
Africa (Cape Town) - af-south-1
China (Ningxia) - cn-northwest-1
Asia Pacific (Osaka) - ap-northeast-3
+ Use [Cross-account data sharing in Lake Formation](cross-account-permissions.md) to query tables in another account.
**Note**
For more information on limitations when using Lake Formation permissions to `Views`, see [Considerations and Limitations](https://docs.aws.amazon.com/athena/latest/ug/security-athena-lake-formation.html).
## Support for transactional table formats
Applying Lake Formation permissions allows you to secure your transactional data in your Amazon S3 based data lakes. The table below lists transactional table formats supported in Athena and the Lake Formation permissions. Lake Formation enforces these permissions when Athena users run their queries.
| Table format | Description and allowed operations | Lake Formation permissions supported in Athena |
| --- | --- | --- |
| Apache Hudi | A format used to simplify incremental data processing and data pipeline development. Athena supports create and read operations using Apache Hudi table formats on Amazon S3 data sets for both **Copy on Write (CoW)** and **Merge On Read (MoR)** Hudi table types. Athena does not support write operations on Hudi tables. Use [Athena to query Hudi datasets](https://docs.aws.amazon.com/athena/latest/ug/querying-hudi.html). | Use [Data filtering and cell-level security in Lake Formation](data-filtering.md) to secure Hudi table using table, column, row, and cell-level permissions. |
| Apache Iceberg | An open table format that manages large collections of files as tables, and supports modern analytic data lake operations such as record-level insert, update, delete, and time travel queries. For more information on Athena's support for Iceberg tables, see [Using Iceberg tables](https://docs.aws.amazon.com/athena/latest/ug/querying-iceberg.html). | Table, column, row, and cell-level permissions are supported. Currently, Lake Formation doesn't support managing permissions on write operations such as `VACUUM`, `MERGE`, `UPDATE` and `OPTIMIZE` on tables in Open Table Formats. |
| Linux Foundation Delta Lake | Delta Lake is an open-source project that helps to implement modern data lake architectures commonly built on Amazon S3 or Hadoop Distributed File System (HDFS). Athena supports Delta lake tables created using a symlink-based manifest table definition on AWS Glue Data Catalog from a Delta Lake table. For more information, see [Crawl Delta Lake tables using AWS Glue crawlers](https://aws.amazon.com/blogs/big-data/crawl-delta-lake-tables-using-aws-glue-crawlers/). Athena (engine version 3) supports reading native Delta Lake tables. For more information, see [ Introducing native Delta Lake table support with AWS Glue crawlers ](https://aws.amazon.com/blogs/big-data/introducing-native-delta-lake-table-support-with-aws-glue-crawlers/). | Table, column, row, and cell-level permissions are supported for symlink tables and native Delta Lake tables. |
## Additional resources
**Blog posts, videos, and workshops**
+ [ Query an Apache Hudi dataset in an Amazon S3 data lake with Amazon Athena](https://aws.amazon.com/blogs/big-data/part-1-query-an-apache-hudi-dataset-in-an-amazon-s3-data-lake-with-amazon-athena-part-1-read-optimized-queries/)
+ [Build an Apache Iceberg data lake using Amazon Athena, Amazon EMR, and AWS Glue](https://aws.amazon.com/blogs/big-data/build-an-apache-iceberg-data-lake-using-amazon-athena-amazon-emr-and-aws-glue/)
+ [Insert, update, delete on Amazon S3 with Athena and Apache Iceberg ](https://www.youtube.com/watch?v=u1v666EXCJw)
+ [LF-Tag based access control](https://catalog.us-east-1.prod.workshops.aws/workshops/78572df7-d2ee-4f78-b698-7cafdb55135d/en-US/lakeformation-basics/querying-datalake/tag-based-access-control) Lake Formation workshop on querying a data lake.
# Using AWS Lake Formation with Amazon Redshift Spectrum
[Amazon Redshift Spectrum](https://docs.aws.amazon.com/redshift/latest/dg/c-using-spectrum.html) lets you to query and retrieve data in Amazon S3 data lakes without loading data into Amazon Redshift cluster nodes.
Redshift Spectrum supports two ways of registering an external AWS Glue data catalog enabled with Lake Formation.
+ Using a cluster attached IAM role that has permission to the Data Catalog
To create an IAM role, follow the steps outlined in the below procedure.
[Controlling access to the AWS Glue Data Catalog](https://docs.aws.amazon.com/redshift/latest/dg/c-spectrum-iam-policies.html#c-spectrum-glue-acess)
+ Using a federated IAM identity configured to manage access to external AWS Glue Data Catalog resources
Redshift Spectrum supports querying Lake Formation tables using federated IAM identities. The IAM identities can be an IAM user or an IAM role. For more information on IAM identity federation in Redshift Spectrum, see [Using a federated identity to manage Amazon Redshift access to local resources and Redshift Spectrum external tables](https://docs.aws.amazon.com/redshift/latest/mgmt/authorization-fas-spectrum.html).
With Lake Formation integration with Redshift Spectrum, you can define row, column, and cell-level access control permissions on tables after your data is registered with Lake Formation.
For more information see [Using Redshift Spectrum with AWS Lake Formation](https://docs.aws.amazon.com/redshift/latest/dg/spectrum-lake-formation.html).
Redshift Spectrum supports reads or `SELECT` queries on the Lake Formation managed external schema tables.
For more information, see [Creating external schemas for Redshift Spectrum](https://docs.aws.amazon.com/redshift/latest/dg/c-spectrum-external-schemas.html).
## Support for transactional table types
This table lists transactional table formats supported in Redshift Spectrum and the applicable Lake Formation permissions.
**Supported table formats**
| Table format | Description and allowed operations | Lake Formation permissions supported in Redshift Spectrum |
| --- | --- | --- |
| Apache Hudi | A format used to simplify incremental data processing and data pipeline development. Redshift Spectrum supports insert, delete, and upsert write operations using Apache Hudi [https://hudi.apache.org/docs/next/table_types#copy-on-write-table](https://hudi.apache.org/docs/next/table_types#copy-on-write-table) table format on Amazon S3. For more information, see [ Creating external tables for data managed in Apache Hudi](https://docs.aws.amazon.com/redshift/latest/dg/c-spectrum-external-tables.html#c-spectrum-column-mapping-hudi). | Use [Data filtering and cell-level security in Lake Formation](data-filtering.md) to secure Hudi tables using table, column, row, and cell-level permissions. |
| Apache Iceberg | An open table format that manages large collections of files as tables and supports modern analytic data lake operations such as record-level insert, update, delete, and time travel queries. For more information, see [Using Apache Iceberg tables with Amazon Redshift](https://docs.aws.amazon.com/redshift/latest/dg/querying-iceberg.html). | Redshift Spectrum supports Apache Iceberg tables for querying. |
| Linux Foundation Delta Lake | Delta Lake is an open-source project that helps implement modern data lake architectures commonly built on Amazon S3 or Hadoop Distributed File System (HDFS).Redshift Spectrum supports querying Delta Lake tables. For more information, see [Creating external tables for data managed in Delta Lake](https://docs.aws.amazon.com/redshift/latest/dg/c-spectrum-external-tables.html#c-spectrum-column-mapping-delta). | Table, column, row, and cell-level permissions are supported. |
## Additional resources
**Blog posts and workshops**
+ [ Centralize governance for your data lake using AWS Lake Formation while enabling a modern data architecture with Amazon Redshift Spectrum](https://aws.amazon.com/blogs/big-data/centralize-governance-for-your-data-lake-using-aws-lake-formation-while-enabling-a-modern-data-architecture-with-amazon-redshift-spectrum/)
+ [Use Redshift Spectrum to query Apache HUDI Copy On Write (CoW) tables in Amazon S3 data lake](https://catalog.us-east-1.prod.workshops.aws/workshops/9f29cdba-66c0-445e-8cbb-28a092cb5ba7/en-US/lab21)
# Using AWS Lake Formation with AWS Glue
Data engineers and DevOps professionals use AWS Glue with Extract, Transform and Load (ETL) with Apache Spark to perform transformations on their data sets in Amazon S3 and load the transformed data into data lakes and data warehouses for analytics, machine learning, and application development. With different teams accessing the same data set in Amazon S3, it is imperative to grant and restrict permissions based on their roles.
AWS Lake Formation is built on AWS Glue, and the services interact in the following ways:
+ Lake Formation and AWS Glue share the same Data Catalog.
+ The following Lake Formation console features invoke the AWS Glue console:
+ Jobs – For more information, see [Adding Jobs](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the *AWS Glue Developer Guide*.
+ Crawlers – For more information, see [Cataloging Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) in the *AWS Glue Developer Guide*.
+ The workflows generated when you use a Lake Formation blueprint are AWS Glue workflows. You can view and manage these workflows in both the Lake Formation console and the AWS Glue console.
+ Machine learning transforms are provided with Lake Formation and are built on AWS Glue API operations. You create and manage machine learning transforms on the AWS Glue console. For more information, see [Machine Learning Transforms](https://docs.aws.amazon.com/glue/latest/dg/machine-learning.html) in the *AWS Glue Developer Guide*.
You can use the Lake Formation fine-grained access control to manage your existing Data Catalog resources and Amazon S3 data locations.
**Note**
AWS Glue 5.0 or higher supports fine-grained access controls on Iceberg and Hive tables that are backed by S3. This capability lets you configure table, row, column, and cell level access controls for read queries within your AWS Glue for Apache Spark jobs.
## Support for transactional table types
Applying Lake Formation permissions allows you to secure your transactional data in your Amazon S3 based data lakes. The table below lists transactional table formats supported in AWS Glue and the Lake Formation permissions. Lake Formation enforces these permissions for AWS Glue operations.
**Supported table formats**
| Table format | Description and allowed operations | Lake Formation permissions supported in AWS Glue |
| --- | --- | --- |
| Apache Hudi | A open table format used to simplify incremental data processing and data pipeline development. For examples, see [Using the Hudi framework in AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-format-hudi.html). | Table-level permissions are available for Hudi tables. For more information, see [Limitations](https://docs.aws.amazon.com/glue/latest/dg/security-lf-enable.html). |
| Apache Iceberg | An open table format that manages large collections of files as tables. For examples, see [Using the Iceberg framework in AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-format-iceberg.html). | AWS Glue version 5.0 and higher lets you configure table, row, column, and cell level access controls for read queries within your AWS Glue for Apache Spark jobs for Iceberg tables. For more information, see [Limitations](https://docs.aws.amazon.com/glue/latest/dg/security-lf-enable.html). |
| Linux Foundation Delta Lake | Delta Lake is an open-source project that helps implement modern data lake architectures commonly built on Amazon S3 or Hadoop Distributed File System (HDFS). For examples, see [Using the Delta Lake framework in AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-format-delta-lake.html). | Table-level permissions are available for Delta Lake tables. For more information, see [Limitations](https://docs.aws.amazon.com/glue/latest/dg/security-lf-enable-considerations.html). |
## Additional resources
**Blog posts and repositories**
+ [ Use the AWS Glue connector to read and write Apache Iceberg tables with ACID transactions and perform time travel](https://aws.amazon.com/blogs/big-data/use-the-aws-glue-connector-to-read-and-write-apache-iceberg-tables-with-acid-transactions-and-perform-time-travel/)
+ [Writing to Apache Hudi tables using AWS Glue custom connector](https://aws.amazon.com/blogs/big-data/writing-to-apache-hudi-tables-using-aws-glue-connector/)
+ AWS repository of [Cloudformation template and pyspark code sample](https://github.com/aws-samples/aws-glue-streaming-etl-with-apache-hudi) to analyze streaming data using AWS Glue, Apache Hudi, and Amazon S3.
# Using AWS Lake Formation with Amazon EMR
Amazon EMR is a flexible AWS managed cluster platform on which you can run any custom code on supported big data frameworks like Hadoop Map-Reduce, Spark, Hive, Presto, etc. Organizations also use Amazon EMR to run both batch and stream data processing applications across a highly distributed cluster. Using Apache Spark on Amazon EMR, you can run your data transformations and custom code on database and tables whose permissions are managed by Lake Formation.
There are three options for deploying Amazon EMR:
+ EMR on EC2
+ EMR Serverless
+ Amazon EMR on EKS
For more information, see [Integrate Amazon EMR with Lake Formation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-lake-formation.html) or [Using EMR Serverless with AWS Lake Formation for fine-grained access control](https://docs.aws.amazon.com/emr/latest/EMR-Serverless-UserGuide/emr-serverless-lf-enable.html)
## Support for transactional table formats
Amazon EMR releases 6.15.0 and higher include support for Lake Formation table, row, column, and cell-level access control permissions on [Apache Hudi ](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-hudi.html), [Apache Iceberg](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-iceberg.html) and [Delta Lake](https://github.com/aws-samples/amazon-emr-with-delta-lake) table formats when you read and write data with Spark SQL.
For limitations, see [Considerations for Amazon EMR with Lake Formation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-lf-limitations.html).
**Supported table formats**
| Table format | Description and allowed operations | Lake Formation permissions supported in Amazon EMR |
| --- | --- | --- |
| Apache Hudi | A open table format used to simplify incremental data processing and data pipeline development. For a list of supported operations, see [Apache Hudi and Lake Formation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/hudi-with-lake-formation.html). | Amazon EMR supports table, row, column, and cell-level access control with Apache Hudi. |
| Apache Iceberg | An open table format that manages large collections of files as tables. For a list of supported operations, see [Apache Iceberg and Lake Formation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/iceberg-with-lake-formation.html). | Amazon EMR supports table, row, column, and cell-level access control with Apache Iceberg. |
| Linux Foundation Delta Lake | Delta Lake is an open-source project that helps implement modern data lake architectures commonly built on Amazon S3 or Hadoop Distributed File System (HDFS). For a list of supported operations, see [Delta Lake and Lake Formation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/delta-with-lake-formation.html). | Amazon EMR supports table, row, column, and cell-level access control with Delta Lake tables. |
## Additional resources
**User guide, blog posts, and workshops**
+ [ Integration with Amazon EMR using Runtime Roles](https://catalog.us-east-1.prod.workshops.aws/workshops/78572df7-d2ee-4f78-b698-7cafdb55135d/en-US/emr-runtimerole-integration)
+ [Get a quick start with Apache Hudi, Apache Iceberg, and Delta Lake with Amazon EMR on EKS](https://aws.amazon.com/blogs/big-data/get-a-quick-start-with-apache-hudi-apache-iceberg-and-delta-lake-with-amazon-emr-on-eks/)
+ [Using Delta Lake OSS with EMR Serverless](https://docs.aws.amazon.com/emr/latest/EMR-Serverless-UserGuide/using-delta-lake.html)
# Using AWS Lake Formation with Quick
Quick supports exploring datasets managed by Lake Formation permissions in Amazon S3 using Athena.
Both Standard and Enterprise edition users of Quick integrate with Lake Formation, but slightly differently.
+ Enterprise edition – Grant fine-grained access control (FGAC) permissions to individual Quick users and groups to access databases and tables.
+ Standard edition – Grant permissions to IAM roles to access databases and tables.
**Note**
By default, Quick uses a role named `aws-quicksight-service-role-v0`. You can also define custom roles with required permissions that enable Quick to access Athena.
For more information, see [Authorizing connections through AWS Lake Formation](https://docs.aws.amazon.com/quicksight/latest/user/lake-formation.html)
## Additional resources
**Blog posts**
+ [ Enable fine-grained permissions for Quick authors in AWS Lake Formation](https://aws.amazon.com/blogs/big-data/enable-fine-grained-permissions-for-amazon-quicksight-authors-in-aws-lake-formation/)
+ [Securely analyze your data with AWS Lake Formation and Quick](https://aws.amazon.com/blogs/big-data/securely-analyze-your-data-with-aws-lake-formation-and-amazon-quicksight/)
# Using AWS Lake Formation with AWS CloudTrail Lake
AWS CloudTrail Lake supports exploring event data stores using Amazon Athena with fine-grained permissions in AWS Lake Formation.
**Note**
CloudTrail Lake can only be queried through Amazon Athena.
To register your CloudTrail Lake event data store with Lake Formation, see [Federate an event data store](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html).