CloudTrail / Client / enable_federation



Enables Lake query federation on the specified event data store. Federating an event data store lets you view the metadata associated with the event data store in the Glue Data Catalog and run SQL queries against your event data using Amazon Athena. The table metadata stored in the Glue Data Catalog lets the Athena query engine know how to find, read, and process the data that you want to query.

When you enable Lake query federation, CloudTrail creates a managed database named aws:cloudtrail (if the database doesn’t already exist) and a managed federated table in the Glue Data Catalog. The event data store ID is used for the table name. CloudTrail registers the role ARN and event data store in Lake Formation, the service responsible for allowing fine-grained access control of the federated resources in the Glue Data Catalog.

For more information about Lake query federation, see Federate an event data store.

See also: AWS API Documentation

Request Syntax

response = client.enable_federation(
  • EventDataStore (string) –


    The ARN (or ID suffix of the ARN) of the event data store for which you want to enable Lake query federation.

  • FederationRoleArn (string) –


    The ARN of the federation role to use for the event data store. Amazon Web Services services like Lake Formation use this federation role to access data for the federated event data store. The federation role must exist in your account and provide the required minimum permissions.

Return type:



Response Syntax

    'EventDataStoreArn': 'string',
    'FederationStatus': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED',
    'FederationRoleArn': 'string'

Response Structure

  • (dict) –

    • EventDataStoreArn (string) –

      The ARN of the event data store for which you enabled Lake query federation.

    • FederationStatus (string) –

      The federation status.

    • FederationRoleArn (string) –

      The ARN of the federation role.


  • CloudTrail.Client.exceptions.EventDataStoreARNInvalidException

  • CloudTrail.Client.exceptions.EventDataStoreNotFoundException

  • CloudTrail.Client.exceptions.InvalidParameterException

  • CloudTrail.Client.exceptions.InactiveEventDataStoreException

  • CloudTrail.Client.exceptions.OperationNotPermittedException

  • CloudTrail.Client.exceptions.UnsupportedOperationException

  • CloudTrail.Client.exceptions.CloudTrailAccessNotEnabledException

  • CloudTrail.Client.exceptions.InsufficientDependencyServiceAccessPermissionException

  • CloudTrail.Client.exceptions.NotOrganizationMasterAccountException

  • CloudTrail.Client.exceptions.NoManagementAccountSLRExistsException

  • CloudTrail.Client.exceptions.OrganizationsNotInUseException

  • CloudTrail.Client.exceptions.OrganizationNotInAllFeaturesModeException

  • CloudTrail.Client.exceptions.ConcurrentModificationException

  • CloudTrail.Client.exceptions.AccessDeniedException

  • CloudTrail.Client.exceptions.EventDataStoreFederationEnabledException