AWS lake-formation documentation change
Summary
Added explanation of LF-TBAC requirements for tag-based access control
Security assessment
Documents security feature (LF-TBAC) requirements for proper access control configuration. Enhances security documentation but doesn't fix a specific vulnerability.
Diff
diff --git a/lake-formation/latest/dg/s3-tables-grant-permissions.md b/lake-formation/latest/dg/s3-tables-grant-permissions.md index be9143dcb..fe2b16c48 100644 --- a//lake-formation/latest/dg/s3-tables-grant-permissions.md +++ b//lake-formation/latest/dg/s3-tables-grant-permissions.md @@ -8,0 +9,4 @@ After integrating your S3 tables with AWS Lake Formation, you can grant permissi +You can grant permissions by using either the named resource method or the Lake Formation tag-based access control (LF-TBAC) method. Before granting permissions using LF-Tags and LF-Tag expressions, you must define them and assing them to Data Catalog objects. + +For more information, see [Managing LF-Tags for metadata access control](./managing-tags.html). +