- 新しい順
- 投票が多い順
- コメントが多い順
Thanks for using AWS Lake Formation and for the feedback. Both permissions for IAM groups and user defined blueprints are not yet supported, but the team is aware of these product requests.
In the meantime, a workaround for groups is to create a role to which you grant Lake Formation and querying permissions, then allow members of the IAM group to assume that role. Remember that when they assume the role, they only have that role's permissions. See here:
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_permissions-to-switch.html
Remember to make the AWS account from which you are calling AssumeRole a trusted entity for the role:
https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_roles.html#troubleshoot_roles_cant-assume-role
関連するコンテンツ
- AWS公式更新しました 1年前