AWS lake-formation documentation change
Summary
Added LF-Tag expression size limitation and updated section title to include ABAC considerations
Security assessment
Documents technical limitations of LF-Tag expressions and explicitly calls out ABAC considerations, enhancing security feature documentation without addressing vulnerabilities.
Diff
diff --git a/lake-formation/latest/dg/lf-tag-considerations.md b/lake-formation/latest/dg/lf-tag-considerations.md index 79fae4bb7..8888a681b 100644 --- a//lake-formation/latest/dg/lf-tag-considerations.md +++ b//lake-formation/latest/dg/lf-tag-considerations.md @@ -82,0 +83,2 @@ For more information, see [Cross-account data sharing in Lake Formation](./cross + * When granting or revoking permissions on an inline LF-Tag expression, the size of the LF-Tag expression can not exceed 900 bytes. To grant permissions on larger LF-Tag expressions, use the saved LF-Tag expressions. For more information, see [Creating LF-Tag expressions](./TBAC-creating-tag-expressions.html). + @@ -94 +96 @@ IAM Identity Center integration limitations -Troubleshooting Lake Formation +Attribute-based access control considerations, limitations, and supported regions