amazon-web-services boto3 amazon-iam aws-cli aws-lake-formation

How to grant or revoke lake formation by boto3 for IAM groups?

I'm trying to use AWS lake formation to perform grants and revokes of permissions for AWS IAM groups, via console I can normally, but via Boto3 or AWS CLI I get an error stating that IAM groups are not accepted in these actions.

ERROR BOTO3 IMAGE

Solution

You can't. Groups aren't principals and can't be granted permissions using resource-based permission policies. If your Group and your LakeFormation stuff are in the same account, you should attach your LakeFormation permissions to the Group rather than using a resource-based permission policy. If they are in different accounts, allow the Group members to assume a Role from the LakeFormation account and give permissions to that.

Get single-line json from aws cli
Automatically "stop" Sagemaker notebook instance after inactivity?
AWS Cloudwatch alarm not returning to OK state even though data looks fine
Windows & Linux living together in Kubernetes cluster
AWS CDK for .NET Core hangs at "ApplicationLoadBalancedFargateService" Task
how to add cache control in AWS S3?
AWS Lambda Open Telemetry, Missing Parent Span
API Gateway Custom Authorizer: Control error message and code
VSCode JSON to YAML auto conversion on save
How to add multiple columns in AWS redshift with alter table query
Retrieve one file from AWS Glacier using cli
Email address is not verified (AWS SES)
Terraform - s3 static website wont deploy, telling me I dont have permissions when I do
How to Add Private Subnets with Designated IP Addresses When Creating a VPC Interface Endpoint in AWS CDK
SpringBoot fails to deploy after adding .ebextensions for ngingx SSL -[An error occurred during execution of command [app-deploy]]
What does 0.0.0.0/0 and ::/0 mean?
How to query dynamoDB based on key + attribute?
Getting "No AWS accounts are available to you" when using aws configure sso
Terraform directory Structure for common infrastructure on aws for ADO pipeline
Mysterious TransactionConflict in TransactionCanceledException
Cloudwatch VPC interface endpoint times out
AWS s3 V3 Javascript SDK stream file from bucket (GetObjectCommand)
How to bypass expectation of S3 server 100-contiune response in Boto3 put_object method
Disabling AWS X-ray in FastAPI Lambda application
Cannot Connect To AWS Elasticache Redis Cluster From Local Machine
How do i access AWS SAM-CLI through bash on windows?
Reporting AWS Tools RDS or Redshift?
What does "eksctl create iamserviceaccount" do under the hood on an EKS cluster?
Configure Selenium Nodes without a JSON file
Is there a CLI command on Azure to see console messages of a VM that is not booting up?