workload-discovery-on-aws
AWS Perspective failed to create stack when lake formation is enabled
Describe the bug
AWS Perspective failed to be constructed when Lake Formation is used.
I searched the repository with the keyword lakeformation, and it seems AWS Perspective does not consider Lake Formation permissions.
The observed error is the following.
Insufficient Lake Formation permission(s): Required Create Database on Catalog (Service: AWSGlue; Status Code: 400; Error Code: AccessDeniedException; Request ID: 815bc078-1cac-4ed6-9b92-13c4ff1383b7; Proxy: null)
To Reproduce
Steps to reproduce the behavior:
- Go to the Lake Formation console using an IAM role or IAM user with AdministratorAccess.
- On "Welcome to Lake Formation", select "Add myself" and unselect "Add other AWS users or roles", then click "Get started".
- Open the left-hand side menu and click the "Settings" button under "Data catalog".
- Unselect "Use only IAM access control for new databases" and "Use only IAM access control for new tables in new databases", then click "Save".
- Open the left-hand side menu and click the "Administrative roles and tasks" button under "Permissions".
- On the "Database creators" pane, click the IAMAllowedPrincipals principal, then click "Revoke".
- Click the "Revoke" button.
- Open https://console.aws.amazon.com/cloudformation/home#/stacks/create/template?stackName=aws-perspective&templateURL=https://s3.amazonaws.com/solutions-reference/aws-perspective/latest/aws-perspective.template
- Click "Next".
- Enter your email address in "AdminUserEmailAddress", then click "Next".
- Click "Next", leaving all defaults.
- Check all checkboxes and click "Create stack".
- Wait a few minutes for stack creation to fail.
Expected behavior
Construction of the stack finishes successfully without the Insufficient Lake Formation permission(s) error.
Screenshots
Browser (please complete the following information):
- Name Firefox
- Version 91.2.0esr (64-bit)
Additional context
It seems aws-perspective-LambdaExecutionRole-**** tries to create a Glue Database. But in a Lake Formation-enabled environment, we should grant database creator permissions to the IAM user or IAM role. I expect other errors could happen related to the Lake Formation permissions model.
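The permission gap the report describes can be checked and closed with the Lake Formation API rather than the console. The following is an added example, not code from the issue or from the Workload Discovery project: it inspects the entries that `lakeformation:ListPermissions` returns for a principal, reports whether that principal holds `CREATE_DATABASE` on the Data Catalog, and grants it only when missing. The role ARN and account id are placeholders, the `StubLakeFormationClient` and `SAMPLE_PERMISSIONS` are constructed so the example runs offline, and `real_client()` is the only piece that touches AWS.

```python
"""Check and, if needed, grant Lake Formation database-creator rights to a role.

Added example for the Lake Formation permission error in the bug report.
The ARN below is a placeholder for the stack's aws-perspective-LambdaExecutionRole-****.
"""

# Constructed placeholder: the Lambda execution role that tries to create the Glue database.
ROLE_ARN = "arn:aws:iam::123456789012:role/aws-perspective-LambdaExecutionRole-PLACEHOLDER"

# Constructed sample of what ListPermissions might return after the reproduction steps:
# the admin still has catalog rights, but the Lambda role only has rights on one database.
SAMPLE_PERMISSIONS = [
    {
        "Principal": {"DataLakePrincipalIdentifier": "arn:aws:iam::123456789012:role/LakeAdmin"},
        "Resource": {"Catalog": {}},
        "Permissions": ["CREATE_DATABASE"],
    },
    {
        "Principal": {"DataLakePrincipalIdentifier": ROLE_ARN},
        "Resource": {"Database": {"Name": "example_db"}},
        "Permissions": ["DESCRIBE"],
    },
]


def has_create_database_on_catalog(permissions, principal_arn):
    """Return True if `principal_arn` holds CREATE_DATABASE on the Data Catalog.

    `permissions` is the PrincipalResourcePermissions list from ListPermissions;
    entries for other principals or for non-catalog resources are skipped.
    """
    for entry in permissions:
        principal = entry.get("Principal", {}).get("DataLakePrincipalIdentifier")
        if principal != principal_arn:
            continue
        if "Catalog" not in entry.get("Resource", {}):
            continue
        if "CREATE_DATABASE" in entry.get("Permissions", []):
            return True
    return False


def build_grant_request(principal_arn):
    """Parameters for GrantPermissions that make the principal a database creator."""
    return {
        "Principal": {"DataLakePrincipalIdentifier": principal_arn},
        "Resource": {"Catalog": {}},
        "Permissions": ["CREATE_DATABASE"],
    }


def ensure_database_creator(client, principal_arn):
    """Grant CREATE_DATABASE on the catalog only when it is missing.

    Returns True if a grant was issued, False if the permission was already present.
    """
    resp = client.list_permissions(Principal={"DataLakePrincipalIdentifier": principal_arn})
    if has_create_database_on_catalog(resp.get("PrincipalResourcePermissions", []), principal_arn):
        return False
    client.grant_permissions(**build_grant_request(principal_arn))
    return True


class StubLakeFormationClient:
    """Constructed in-memory stand-in for boto3's lakeformation client (offline runs only)."""

    def __init__(self, permissions):
        self._perms = [dict(p) for p in permissions]
        self.grants = []  # every GrantPermissions call this stub received

    def list_permissions(self, **kwargs):
        return {"PrincipalResourcePermissions": list(self._perms)}

    def grant_permissions(self, **kwargs):
        self.grants.append(kwargs)
        self._perms.append({
            "Principal": kwargs["Principal"],
            "Resource": kwargs["Resource"],
            "Permissions": kwargs["Permissions"],
        })
        return {}


def real_client():
    """Create the real boto3 client; requires credentials and network, so it is not called here."""
    import boto3  # imported lazily so the offline example does not need boto3 installed
    return boto3.client("lakeformation")


if __name__ == "__main__":
    stub = StubLakeFormationClient(SAMPLE_PERMISSIONS)
    print("granted:", ensure_database_creator(stub, ROLE_ARN))   # granted: True
    print("granted:", ensure_database_creator(stub, ROLE_ARN))   # granted: False (idempotent)
```

Replace `stub` with `real_client()` to run the check against an account; the grant is idempotent, so rerunning it after the stack's execution role exists is safe, and the `ListPermissions` result doubles as an audit record of who holds catalog-level rights after `IAMAllowedPrincipals` has been revoked.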