Describe the bug
During the "Cataloging data" step of the workshop, the CloudFormation stack adds a DATA_LOCATION_ACCESS grant when registering an Amazon S3 location with the data lake.
This step (rLegislatorsrRawGlueCrawlerS3LakeFormationPermissions) results in an error during CloudFormation stack execution:
"errorMessage": "Resource does not exist or requester is not authorized to access requested permissions."
Root Cause:
- The trust relationship with "lakeformation.amazonaws.com" is missing from rDatalakeCrawlerRole
- The following permissions are missing from rDatalakeCrawlerRole:
  - lakeformation:GrantPermissions
  - lakeformation:RegisterResource
"errorMessage": "Resource does not exist or requester is not authorized to access requested permissions.",
"requestParameters": {
  "principal": {
    "dataLakePrincipalIdentifier": "arn:aws:iam::47.......01:role/sdlf-legislators/sdlf-datalake-datasets-de-rLegislatorsrDatalakeCraw-DmXBEgriypMp"
  },
  "resource": {
    "dataLocation": {
      "resourceArn": "arn:aws:s3:::companyname-datalake-us-east-1-47......01-analytics-dev/legislators/"
    }
  },
Adding the missing trust relationship and permissions to the sdlf-legislators/sdlf-datalake-datasets-de-rLegislatorsrDatalakeCraw role resolved the issue.
SDLF release (if known):
latest
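
A check for the two gaps listed under Root Cause, as an added example that is not part of the original issue or of the SDLF code base: it inspects a role's trust policy and permission policies for the Lake Formation service principal and the two actions. The function names and the sample policy documents are constructed for illustration, and the check reads Allow statements only (it does not evaluate Deny, NotAction, Resource or Condition).

```python
import fnmatch

# Requirements taken from the issue's root-cause list.
REQUIRED_SERVICE = "lakeformation.amazonaws.com"
REQUIRED_ACTIONS = ("lakeformation:GrantPermissions", "lakeformation:RegisterResource")

def _as_list(value):
    """IAM JSON accepts either a single value or a list in most fields."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _allow_statements(policy):
    return [s for s in _as_list(policy.get("Statement")) if s.get("Effect") == "Allow"]

def trusts_service(trust_policy, service=REQUIRED_SERVICE):
    """True if an Allow statement lets `service` call sts:AssumeRole."""
    for stmt in _allow_statements(trust_policy):
        principal = stmt.get("Principal", {})
        services = _as_list(principal.get("Service")) if isinstance(principal, dict) else []
        actions = [a.lower() for a in _as_list(stmt.get("Action"))]
        if service in services and any(fnmatch.fnmatchcase("sts:assumerole", a) for a in actions):
            return True
    return False

def missing_actions(permission_policies, required=REQUIRED_ACTIONS):
    """Required actions that no Allow statement matches (case-insensitive, * and ? wildcards)."""
    patterns = [a.lower() for p in permission_policies
                for s in _allow_statements(p) for a in _as_list(s.get("Action"))]
    return [r for r in required if not any(fnmatch.fnmatchcase(r.lower(), p) for p in patterns)]

def audit_role(trust_policy, permission_policies):
    findings = []
    if not trusts_service(trust_policy):
        findings.append(f"trust policy lacks {REQUIRED_SERVICE}")
    return findings + [f"missing action {a}" for a in missing_actions(permission_policies)]

# Constructed sample documents (not copied from the SDLF templates).
BROKEN_TRUST = {"Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
                               "Principal": {"Service": "glue.amazonaws.com"}}]}
FIXED_TRUST = {"Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
                              "Principal": {"Service": ["glue.amazonaws.com", REQUIRED_SERVICE]}}]}
BROKEN_PERMS = [{"Statement": {"Effect": "Allow", "Resource": "*",
                               "Action": ["lakeformation:GetDataAccess"]}}]
FIXED_PERMS = BROKEN_PERMS + [{"Statement": [{"Effect": "Allow", "Resource": "*",
                                              "Action": list(REQUIRED_ACTIONS)}]}]

if __name__ == "__main__":
    print("before:", audit_role(BROKEN_TRUST, BROKEN_PERMS))
    print("after: ", audit_role(FIXED_TRUST, FIXED_PERMS))
```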