AWS security-lake documentation change
Summary
Added section about querying data with retention settings and time-based filtering requirements
Security assessment
Documents operational best practices for querying within retention periods but doesn't address a specific security vulnerability. Enhances documentation about existing security-related retention features without indicating a security issue.
Diff
diff --git a/security-lake/latest/userguide/subscriber-query-examples.md b/security-lake/latest/userguide/subscriber-query-examples.md index d75776a84..7a07e8b65 100644 --- a/security-lake/latest/userguide/subscriber-query-examples.md +++ b/security-lake/latest/userguide/subscriber-query-examples.md @@ -10,0 +11,8 @@ The Lake Formation data lake administrator must grant `SELECT` permissions on th +**Querying data with retention settings** + + + +The [Amazon S3 Lifecycle settings](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) affect how long data is kept, which in turn affects how far back in time you can query. If you have retention settings configured in Security Lake, you must include a time-based filter in your queries to ensure your result sets are scoped to the data files that have not expired. For more information about data retention in Security Lake, see [Lifecycle management](./lifecycle-management.html). + +The query examples in the following sections include time-based filters, such as `eventDay` or `time_dt`, to demonstrate this best practice. +