Description: Add Lake Formation permissions when Glue catalog is the metastore
Parameters:
  DataAccessRoleARN:
    Description: ARN of the DataAccessRoleARN used on the EMR cluster
    Default: ''
    Type: String
Resources:
  DefaultCatalogPermission:
    Type: AWS::LakeFormation::PrincipalPermissions
    Properties:
      Principal:
        DataLakePrincipalIdentifier: !Ref DataAccessRoleARN
      Resource:
        Database:
          CatalogId: !Ref AWS::AccountId
          Name: "default"
      Permissions:
        - "ALL"
      PermissionsWithGrantOption:
        - "ALL"