AWS Security ChangesHomeSearch

AWS redshift documentation change

Service: redshift · 2025-11-25 · Documentation low

File: redshift/latest/dg/r_ATTACH_RLS_POLICY.md

Summary

Added database/schema qualification syntax and federated permissions documentation

Security assessment

The change enables attaching RLS policies across databases and documents federated permissions integration, improving access control documentation without evidence of security fixes.

Diff

diff --git a/redshift/latest/dg/r_ATTACH_RLS_POLICY.md b/redshift/latest/dg/r_ATTACH_RLS_POLICY.md
index d703f2ae6..dcfedbd38 100644
--- a//redshift/latest/dg/r_ATTACH_RLS_POLICY.md
+++ b//redshift/latest/dg/r_ATTACH_RLS_POLICY.md
@@ -18,2 +18,6 @@ Superusers and users or roles that have the `sys:secadmin` role can attach a pol
-    ATTACH RLS POLICY _policy_name_ ON [TABLE] _table_name_ [, ...]
-    TO { _user_name_ | ROLE _role_name_ | PUBLIC } [, ...]
+    ATTACH RLS POLICY 
+    {
+      policy_name ON [TABLE] table_name [, ...]
+      | database_name.policy_name ON [TABLE] database_name.schema_name.table_name [, ...]
+    }
+    TO { user_name | ROLE role_name | PUBLIC } [, ...]
@@ -28 +32,11 @@ The name of the policy.
-ON [TABLE] _table_name_ [, ...]
+database_name
+    
+
+The name of the database where the policy and the relation are created. The policy and the relation needs to be on the same database. The database can be the connected database or a database that supports Amazon Redshift federated permissions.
+
+schema_name
+    
+
+The name of the schema the relation belongs to.
+
+table_name
@@ -37,0 +52,2 @@ Specifies whether the policy is attached to one or more specified users or roles
+For the usage of ATTACH RLS POLICY on Amazon Redshift Federated Permissions Catalog, see [ Managing access control with Amazon Redshift federated permissions](https://docs.aws.amazon.com/redshift/latest/dg/federated-permissions-managing-access.html).
+