AWS AmazonS3 medium security documentation change
Summary
Removed a note about granting Lake Formation permissions for Amazon Data Firehose resource links.
Security assessment
The removed note previously emphasized the need to grant permissions to both resource links and target namespaces. Its absence could lead to misconfigured permissions, increasing the risk of unintended data access. However, there is no explicit evidence of a resolved vulnerability.
Diff
diff --git a/AmazonS3/latest/userguide/s3-tables-integrating-aws.md b/AmazonS3/latest/userguide/s3-tables-integrating-aws.md index cbcaf5973..fec4d14f6 100644 --- a//AmazonS3/latest/userguide/s3-tables-integrating-aws.md +++ b//AmazonS3/latest/userguide/s3-tables-integrating-aws.md @@ -339,4 +338,0 @@ You must grant other IAM principals Lake Formation permissions on your table res -###### Note - -For Amazon Data Firehose, which uses a resource link to access your tables, you must separately grant permissions to both the resource link and the target (linked) namespace. For more information, see [Granting permission on a resource link](./s3-tables-integrating-firehose.html#grant-lf-resource-link). -