AWS lake-formation documentation change
Summary
Modified description of a permission from allowing data deletion to allowing insert/update/read operations on S3 data
Security assessment
The change updates permission scope but lacks evidence of addressing a specific security issue. It appears to be a documentation correction or feature update rather than a security fix.
Diff
diff --git a/lake-formation/latest/dg/lf-permissions-reference.md index e10cad19c..f8a1f9e7d 100644 --- a/lake-formation/latest/dg/lf-permissions-reference.md +++ b/lake-formation/latest/dg/lf-permissions-reference.md @@ -405 +405 @@ Permission | Granted on this resource | Grantee also needs -A principal with this permission can delete underlying data at the Amazon S3 location specified by the table. The principal can also view the table on the Lake Formation console and retrieve information about the table with the AWS Glue API. +A principal with this permission can insert, update, and read underlying data at the Amazon S3 location specified by the table. The principal can also view the table on the Lake Formation console and retrieve information about the table with the AWS Glue API.