awslabs / aws-orbit-workbench

A Data Platform built for AWS, powered by Kubernetes.
https://awslabs.github.io/aws-orbit-workbench/
Apache License 2.0

Add integration to LakeFormation semantic tagging #516

Closed abaror closed 3 years ago

abaror commented 3 years ago
  1. We need to add tags to team definition in the manifest. These tags should be added to the team role.
  2. We need to register the team role with Lake Formation.
  3. Build a use case like we had in DataMaker to see it all works nicely.

stthoom commented 3 years ago

WIP. Performed POC with policy tags using AWS console over Orbit lake-user IAM role to validate the tag-based access control.

Need to extend the LF interaction with Orbit CDK and Notebook boto3.

Direction - Create new Admin team (notebooks to set up Lake Formation in account and add orbit admin role to LF administrators). Lake creator should create the schema database and tables + add the policy tags to the resources. Lake user should verify the access of given/restricted database/tables/columns.
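
The admin and lake-creator steps described in the thread, sketched as boto3 Lake Formation calls. This is an added example, not code from the issue or from Orbit: the function names, the `tags` shape, and all ARNs and database/table names are assumptions, and the lake-user verification step is not covered.

```python
def plan_lf_tbac(current_settings, admin_role_arn, team_role_arn, tags, database, table):
    """Return [(boto3 'lakeformation' method name, kwargs), ...] in call order.

    current_settings: the "DataLakeSettings" dict from get_data_lake_settings().
    tags: {tag_key: tag_value} for the team (hypothetical shape; the manifest
          format is not shown in the issue).
    """
    # put_data_lake_settings replaces the stored settings, so merge the admin
    # role into the existing admin list instead of overwriting that list.
    settings = dict(current_settings)
    admins = list(settings.get("DataLakeAdmins", []))
    entry = {"DataLakePrincipalIdentifier": admin_role_arn}
    if entry not in admins:
        admins.append(entry)
    settings["DataLakeAdmins"] = admins
    plan = [("put_data_lake_settings", {"DataLakeSettings": settings})]

    # Lake creator: define each tag, then attach the tags to the table.
    # create_lf_tag fails if the key already exists; callers must handle that.
    lf_tags = [{"TagKey": k, "TagValues": [v]} for k, v in sorted(tags.items())]
    for tag in lf_tags:
        plan.append(("create_lf_tag", tag))
    plan.append(("add_lf_tags_to_resource", {
        "Resource": {"Table": {"DatabaseName": database, "Name": table}},
        "LFTags": lf_tags,
    }))
    # Team role: granted on the tag expression, not on a named table, so only
    # tables carrying matching tags become readable.
    plan.append(("grant_permissions", {
        "Principal": {"DataLakePrincipalIdentifier": team_role_arn},
        "Resource": {"LFTagPolicy": {"ResourceType": "TABLE", "Expression": lf_tags}},
        "Permissions": ["SELECT", "DESCRIBE"],
    }))
    return plan


def apply_plan(plan, client):
    """Execute the plan with a boto3.client('lakeformation') instance."""
    for method, kwargs in plan:
        getattr(client, method)(**kwargs)


if __name__ == "__main__":
    # Constructed sample values; account id and role names are placeholders.
    demo = plan_lf_tbac({"DataLakeAdmins": []},
                        "arn:aws:iam::111111111111:role/ADMIN_ROLE_PLACEHOLDER",
                        "arn:aws:iam::111111111111:role/TEAM_ROLE_PLACEHOLDER",
                        {"sensitivity": "public"}, "demo_db", "demo_table")
    for step in demo:
        print(step)
```

Building the plan separately from `apply_plan` lets the request payloads be reviewed or diffed before anything is sent to the account.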