Test Users & Groups
To demonstrate different Lake Formation security capabilities, we will use few test users & group, where each of the
user has different level of access to the data lake. The CloudFormation template that creates TPC data, also creates
these sets of users and groups in an Active Directory.
- lf-admin has access to all Lake Formation components and can make any changes in Lake Formation.
- lf-developer can only see web_page & web_sales tables. [table-based access
- lf-business_analyst can only see non-PII columns from the customer table.
[column-based access control]
- lf-campaign_manager can only see table household_demographics & few non-PII columns of the
customer table that are tagged with campaign. [tag-based access control]