AWS connect documentation change
Summary
Added Important section clarifying RAM request behavior including expiration after 12 hours, reuse optimization, and documentation links
Security assessment
The change documents resource access management (RAM) expiration and optimization patterns, which relate to access control lifecycle management. While this improves awareness of security-adjacent resource sharing mechanics, there is no evidence of addressing a specific vulnerability.
Diff
diff --git a/connect/latest/adminguide/datalake-tables.md b/connect/latest/adminguide/datalake-tables.md index e3a45f751..8687cbef2 100644 --- a//connect/latest/adminguide/datalake-tables.md +++ b//connect/latest/adminguide/datalake-tables.md @@ -17 +17,11 @@ For information about the suggested IAM policies for data lake administrators, s - 3. Select the name of the resource share and **Accept resource share** + 3. Select the name of the resource share and **Accept resource share**. + +###### Important + + * An initial RAM request is created only for the first share. + + * Lake Formation optimizes subsequent shares by reusing existing accepted RAM requests when possible. + + * RAM requests expire after 12 hours if not accepted. + + * For more information about RAM requests, see [Accepting and rejecting resource share invitations](https://docs.aws.amazon.com/ram/latest/userguide/working-with-shared-invitations.html) and [Optimize AWS RAM resource shares](https://docs.aws.amazon.com/lake-formation/latest/dg/optimize-ram.html#optimize-version).