Test Users & Groups

To demonstrate different Lake Formation security capabilities, we will use few test users & group, where each of the user has different level of access to the data lake. The CloudFormation template that creates TPC data, also creates these sets of users and groups in an Active Directory.
  • lf-developer can only see web_page & web_sales tables.
  • lf-campaign_manager can see everything except web_page table.
  • lf-business_analyst can see everything except web_page, web_sales and cannot check customer personal information, for example: email address, address, date of birth, etc.
  • lf-admin has access to all Lake Formation components and can make any changes in Lake Formation.