https://community.databricks.com/t5/data-engineering/unity-catalog-external-location-with-amazon-s3-access-points/m-p/160296#M54880 <P><SPAN class="">Context</SPAN></P><P>I'm working on integration patterns between enterprise NAS storage (Amazon FSx for NetApp ONTAP) and Databricks via S3 Access Points. S3 Access Points provide S3 API access to file data without copying — a common pattern for organizations with existing NFS/SMB workloads.</P><P>I've documented my findings publicly here:<SPAN>&nbsp;</SPAN><A target="_blank" rel="noopener noreferrer">https://github.com/Yoshiki0705/fsxn-lakehouse-integrations</A></P><P><SPAN class="">What I've observed</SPAN></P><P>When registering an S3 Access Point as a UC External Location:</P><UL class=""><LI>Yes: External Location creation succeeds</LI><LI>Yes: Top-level file listing works</LI><LI>Yes: Explicit file reads (specifying full path) work</LI><LI>No: Subdirectory listing fails with<SPAN>&nbsp;</SPAN>UC_CLOUD_STORAGE_ACCESS_FAILURE</LI><LI>No: CREATE TABLE fails with<SPAN>&nbsp;</SPAN>AccessDenied</LI></UL><P>The behavior suggests the session policy generated during AssumeRole doesn't correctly handle S3 AP ARN format (arn:aws:s3:REGION:ACCOUNT:accesspoint/NAME).</P><P><SPAN class="">Technical details</SPAN></P><UL class=""><LI>Databricks on AWS, Premium tier</LI><LI>Unity Catalog enabled</LI><LI>Storage Credential: IAM Role with full s3:* on the AP ARN</LI><LI>S3 AP type: Internet-origin (same as what works with Athena/Snowflake/EMR)</LI><LI>The same data is queryable via Athena, Snowflake External Stage, and EMR Serverless without issues</LI></UL><P><SPAN class="">Questions for the community</SPAN></P><OL class=""><LI><P>Has anyone successfully registered an S3 Access Point (not a standard S3 bucket) as a UC External Location? If so, what configuration was needed?</P></LI><LI><P>Is there a documented limitation or roadmap item for S3 AP support in UC? I couldn't find this in the current documentation.</P></LI><LI><P>For those using the Storage Ecosystem partners (announced at DAIS 2026) — does the native integration bypass this limitation by using a different registration path?</P></LI></OL><P><SPAN class="">Current workaround</SPAN></P><P>I'm currently using DataSync → standard S3 bucket → UC External Location, which works but introduces data copy. For read-only analytics, Athena and Snowflake can query the S3 AP directly, so this is specifically a UC limitation.</P><P><SPAN class="">Why this matters to the community</SPAN></P><P>Many organizations store data on enterprise NAS (NFS/SMB) and want to use Databricks for ML/AI without duplicating everything to S3. S3 Access Points are designed exactly for this "access without copy" pattern. If UC could support S3 AP ARNs, it would enable zero-copy governed analytics on enterprise file storage — benefiting anyone with NAS-resident data.</P><P><EM>Environment: Databricks on AWS, ap-northeast-1, Premium tier, DBR 16.1+</EM></P> Tue, 23 Jun 2026 19:49:20 GMT YoshikiFujiwara 2026-06-23T19:49:20Z https://community.databricks.com/t5/data-engineering/unity-catalog-external-location-with-amazon-s3-access-points/m-p/160296#M54880 <P><SPAN class="">Context</SPAN></P><P>I'm working on integration patterns between enterprise NAS storage (Amazon FSx for NetApp ONTAP) and Databricks via S3 Access Points. S3 Access Points provide S3 API access to file data without copying — a common pattern for organizations with existing NFS/SMB workloads.</P><P>I've documented my findings publicly here:<SPAN>&nbsp;</SPAN><A target="_blank" rel="noopener noreferrer">https://github.com/Yoshiki0705/fsxn-lakehouse-integrations</A></P><P><SPAN class="">What I've observed</SPAN></P><P>When registering an S3 Access Point as a UC External Location:</P><UL class=""><LI>Yes: External Location creation succeeds</LI><LI>Yes: Top-level file listing works</LI><LI>Yes: Explicit file reads (specifying full path) work</LI><LI>No: Subdirectory listing fails with<SPAN>&nbsp;</SPAN>UC_CLOUD_STORAGE_ACCESS_FAILURE</LI><LI>No: CREATE TABLE fails with<SPAN>&nbsp;</SPAN>AccessDenied</LI></UL><P>The behavior suggests the session policy generated during AssumeRole doesn't correctly handle S3 AP ARN format (arn:aws:s3:REGION:ACCOUNT:accesspoint/NAME).</P><P><SPAN class="">Technical details</SPAN></P><UL class=""><LI>Databricks on AWS, Premium tier</LI><LI>Unity Catalog enabled</LI><LI>Storage Credential: IAM Role with full s3:* on the AP ARN</LI><LI>S3 AP type: Internet-origin (same as what works with Athena/Snowflake/EMR)</LI><LI>The same data is queryable via Athena, Snowflake External Stage, and EMR Serverless without issues</LI></UL><P><SPAN class="">Questions for the community</SPAN></P><OL class=""><LI><P>Has anyone successfully registered an S3 Access Point (not a standard S3 bucket) as a UC External Location? If so, what configuration was needed?</P></LI><LI><P>Is there a documented limitation or roadmap item for S3 AP support in UC? I couldn't find this in the current documentation.</P></LI><LI><P>For those using the Storage Ecosystem partners (announced at DAIS 2026) — does the native integration bypass this limitation by using a different registration path?</P></LI></OL><P><SPAN class="">Current workaround</SPAN></P><P>I'm currently using DataSync → standard S3 bucket → UC External Location, which works but introduces data copy. For read-only analytics, Athena and Snowflake can query the S3 AP directly, so this is specifically a UC limitation.</P><P><SPAN class="">Why this matters to the community</SPAN></P><P>Many organizations store data on enterprise NAS (NFS/SMB) and want to use Databricks for ML/AI without duplicating everything to S3. S3 Access Points are designed exactly for this "access without copy" pattern. If UC could support S3 AP ARNs, it would enable zero-copy governed analytics on enterprise file storage — benefiting anyone with NAS-resident data.</P><P><EM>Environment: Databricks on AWS, ap-northeast-1, Premium tier, DBR 16.1+</EM></P> Tue, 23 Jun 2026 19:49:20 GMT https://community.databricks.com/t5/data-engineering/unity-catalog-external-location-with-amazon-s3-access-points/m-p/160296#M54880 YoshikiFujiwara 2026-06-23T19:49:20Z