Connect to an AWS S3 external location
This page describes how to connect to an AWS S3 external location. After completing this connection, you'll be able to govern access to these S3 objects using Unity Catalog.
Available methods to connect to AWS S3
To successfully connect to an S3 bucket path, you need two Unity Catalog securable objects. The first is a storage credential, which specifies an AWS IAM role that allows access to the S3 location. You need this storage credential for the second required object: an external location, which defines the path to your S3 storage location and the credentials required to access that location.
Use any of the following methods to create these objects.
Method | Description | When to use |
|---|---|---|
Databricks recommends using the provided CloudFormation template to set up your S3 external location. Using this method, Databricks creates the prerequisite storage credential object for you, so you don't need to create the storage credential manually. | Choose this method to quickly set up a new connection to an S3 bucket without an existing storage credential. | |
This option provides a graphical UI. It requires you to manually create the storage credential first, then the external location that references the S3 bucket. | Choose this method if you prefer using the Catalog Explorer UI to create the required objects. This manual method is not recommended if you need to create many external locations. | |
This method uses the SQL Editor or a notebook to programmatically create the objects. It requires you to create the storage credential first, then the external location that references the S3 bucket. | Choose this method if you prefer creating the required objects programmatically, or if you need to create multiple external locations quickly. |
This section provides detailed instructions for each of these methods. You can also use The Databricks CLI or Terraform.