AWS Security ChangesHomeSearch

AWS lake-formation documentation change

Service: lake-formation · 2025-04-18 · Documentation low

File: lake-formation/latest/dg/notes-s3-catalog.md

Summary

Added note that LF-TBAC access control is not supported for S3 tables catalog and clarified column name case sensitivity requirements.

Security assessment

Documents limitations of LF-TBAC (a security feature) but does not indicate a vulnerability. Clarifies security-relevant configuration requirements for column names.

Diff

diff --git a/lake-formation/latest/dg/notes-s3-catalog.md b/lake-formation/latest/dg/notes-s3-catalog.md
index d917be9af..e7101963a 100644
--- a//lake-formation/latest/dg/notes-s3-catalog.md
+++ b//lake-formation/latest/dg/notes-s3-catalog.md
@@ -11 +11,3 @@ The following limitations apply to integrating S3 tables catalog with Data Catal
-  * Lake Formation doesn't support mixed-case column names. Use `customer_id` instead of `customerId`. The use of mixed-case column names was supported only during the preview release.
+  * The LF-Tag Based Access Control (LF-TBAC) method for granting permissions is not supported for catalogs, databases, tables that have `S3 Tables` as their storage location.
+
+  * AWS Glue and Lake Formation don't support mixed-case column names, and convert all column names to lowercase. You must verify that table column names are unique when converted to lowercase. Use `customer_id` instead of `customerId`. The use of mixed-case column names was supported only during the preview release.