External account share with Lake Formation causing errors when trying to query with Athena in consumer account


I have two accounts the source account A and the target account B.

I have granted account B access to the database and all its tables in account A with Super access including grant, and accepted this on RAM in account B.

In account B I can now see the database and have created a resource_link for the database with the table inside it. I have also granted my user "lake-formation-admin" access to this database and table.

The data catalogue settings in accounts A & B are:
Use only IAM access control for new databases: OFF
Use only IAM access control for new tables in new databases: OFF
Version: 4

When I try to query my table in Athena using my lake-formation-admin account or my root account I get the same error:

com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: #########; S3 Extended Request ID: #################; Proxy: null), S3 Extended Request ID: ############################### (Bucket: {my bucket name}, Key: {my key path}) This query ran against the {resource link database name} database, unless qualified by the query. Please post the error message on our forum or contact customer support with Query Id: f9ae765c-ce70-4ea5-82a2-3871b463ef95

It does work if I put a bucket policy in account A on my bucket to specifically allow my role in Account B. But I want to access using Lake Formation Permissions, surely you don't need a bucket policy to get this to work?

1 Answer
Accepted Answer

Can you please confirm whether your S3 path is registered in account A's Lake Formation? If not, Lake Formation will not vend credentials to access the data. Register[1] your table's S3 path (or the entire bucket) in Lake Formation and try running the query again in account B. Also make sure the IAM role associated when registering the path has all the permissions listed in the doc[2].

[1] https://docs.aws.amazon.com/lake-formation/latest/dg/register-data-lake.html
[2] https://docs.aws.amazon.com/lake-formation/latest/dg/registration-role.html

Yes, you are right: it is not required to provide cross-account access to the S3 bucket if the S3 path is registered in Lake Formation.

AWS
answered 6 months ago
  • Thank you Sachin, that was indeed the solution. One of the preliminary steps missed, haha! Have a great weekend :)
