AWS lake-formation documentation change
Summary
Added note that LF-TBAC access control is not supported for S3 tables catalog and clarified column name case sensitivity requirements.
Security assessment
Documents limitations of LF-TBAC (a security feature) but does not indicate a vulnerability. Clarifies security-relevant configuration requirements for column names.
Diff
diff --git a/lake-formation/latest/dg/notes-s3-catalog.md b/lake-formation/latest/dg/notes-s3-catalog.md index d917be9af..e7101963a 100644 --- a//lake-formation/latest/dg/notes-s3-catalog.md +++ b//lake-formation/latest/dg/notes-s3-catalog.md @@ -11 +11,3 @@ The following limitations apply to integrating S3 tables catalog with Data Catal - * Lake Formation doesn't support mixed-case column names. Use `customer_id` instead of `customerId`. The use of mixed-case column names was supported only during the preview release. + * The LF-Tag Based Access Control (LF-TBAC) method for granting permissions is not supported for catalogs, databases, tables that have `S3 Tables` as their storage location. + + * AWS Glue and Lake Formation don't support mixed-case column names, and convert all column names to lowercase. You must verify that table column names are unique when converted to lowercase. Use `customer_id` instead of `customerId`. The use of mixed-case column names was supported only during the preview release.