Lake Formation Column-based access on a resource link

0

First, what I see in the very last screenshot image of the Granting resource link permissions page is that the 'column based permissions' option is disabled ... Different presentation

..., but in our account, for a resource link I have a different presentation with different options, no super. No super persmission

  1. Not blocker : I wonder if the difference between the two images is only a recent change in the interface.
  2. Blocker: Why it isn't possible to grant column-bassed permissions on a resource link?

Our use case is the following.

  • Producer account : Sharing 'tableA' with an external account (Consumer) with Alter, Describe, Insert & Select permissions with all columns. Done with both cross account versions
  • Consumer account:
    • Create resource link tableA_producer from the Producer.tableA shared table.
    • Trying to grant access to some users to tableA_producer, but to only some columns ... But what I see now is that it is not possible, why ? We don't want to do multiple resource sharings from Prod for the same resource.

Bonus question : What are the differences between the 'cross account version settings' version 1 and 2 ? Enter image description here

1개 답변
0

The resource link to a shared database or for a table allows for that database or table to appear in the Amazon Athena and Amazon Redshift Spectrum query editors. That is different from providing Table access. You can still provide access an individual table (with optional column filtering) as the next step.

profile pictureAWS
답변함 2년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인