AWS Security ChangesHomeSearch

AWS security-lake documentation change

Service: security-lake · 2025-03-30 · Documentation low

File: security-lake/latest/userguide/subscriber-query-examples.md

Summary

Added section about querying data with retention settings and time-based filtering requirements

Security assessment

Documents operational best practices for querying within retention periods but doesn't address a specific security vulnerability. Enhances documentation about existing security-related retention features without indicating a security issue.

Diff

diff --git a/security-lake/latest/userguide/subscriber-query-examples.md b/security-lake/latest/userguide/subscriber-query-examples.md
index d75776a84..7a07e8b65 100644
--- a/security-lake/latest/userguide/subscriber-query-examples.md
+++ b/security-lake/latest/userguide/subscriber-query-examples.md
@@ -10,0 +11,8 @@ The Lake Formation data lake administrator must grant `SELECT` permissions on th
+**Querying data with retention settings**
+
+    
+
+The [Amazon S3 Lifecycle settings](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) affect how long data is kept, which in turn affects how far back in time you can query. If you have retention settings configured in Security Lake, you must include a time-based filter in your queries to ensure your result sets are scoped to the data files that have not expired. For more information about data retention in Security Lake, see [Lifecycle management](./lifecycle-management.html). 
+
+The query examples in the following sections include time-based filters, such as `eventDay` or `time_dt`, to demonstrate this best practice.
+