Posted On: Nov 14, 2022
You can now apply AWS Lake Formation fine-grained access control policies with all table and file format supported by Amazon Athena. Lake Formation allows for centrally managing permissions and access control for data catalog resources in your S3 data lake. You can use fine-grained access control in Lake Formation to restrict access to data in query results using data filters to achieve column-level, row-level and cell-level security.
With today’s launch, you can enforce fine-grained access control policies in Athena queries for data stored in any supported file format using table formats such as Apache Iceberg, Apache Hudi and Apache Hive. You get the flexibility to choose the table and file format best suited for your use case and get the benefit of centralized data governance to secure data access when using Athena. For example, you can use Iceberg table format to store data in your S3 data lake for reliable write transactions at scale, together with row level security filters in Lake Formation so that data analysts residing in different countries get access to data only for customers located in their own country to meet the regulatory requirements. The new expanded support for table and file formats does not require any change in how you setup fine-grained access control policies in Lake Formation and requires Athena engine version 3 which offers new features and improved query performance.
Expanded fine-grained access control is available in all regions supported by Athena. To learn more see Working with fine-grained access control in the Athena user documentation.