AWS lake-formation documentation change
Summary
Added troubleshooting entry for temporary authorization error when querying tables with redirected resource links, recommending QuerySessionContext protocol or 24-hour wait
Security assessment
This documents an authorization error scenario and provides mitigation guidance. While related to access control security, there's no evidence of a specific security vulnerability being addressed - it appears to be routine troubleshooting documentation.
Diff
diff --git a/lake-formation/latest/dg/troubleshooting.md b/lake-formation/latest/dg/troubleshooting.md index f13c7f10d..701f0d4f3 100644 --- a//lake-formation/latest/dg/troubleshooting.md +++ b//lake-formation/latest/dg/troubleshooting.md @@ -57,0 +58,4 @@ You should delete all invalid data lake administrators (deleted IAM roles that a +### Error: "Caller is temporarily not authorized to perform this operation on resource..." + +An attempt was made to query a table using a resource link that may have been redirected. To avoid this error, your application should adopt the [QuerySessionContext](https://docs.aws.amazon.com/glue/latest/webapi/API_QuerySessionContext.html) protocol. See [Lake Formation workflow for application integration API operations](https://docs.aws.amazon.com/lake-formation/latest/dg/api-overview.html) for more information. Otherwise, please wait 24 hours before attempting to execute your query again. +