Test Users & Groups

To demonstrate different Lake Formation security capabilities, we will use few test users & group, where each of the user has different level of access to the data lake. The CloudFormation template that creates TPC data, also creates these sets of users and groups in an Active Directory.
  • lf-admin has access to all Lake Formation components and can make any changes in Lake Formation.
  • lf-developer can only see web_page & web_sales tables. [table-based access control]
  • lf-business_analyst can only see non-PII columns from the customer table. [column-based access control]
  • lf-campaign_manager can only see table household_demographics & few non-PII columns of the customer table that are tagged with campaign. [tag-based access control]