bagg3rs closed 5 months ago
Slack thread of initial discussions with the team https://mojdt.slack.com/archives/C04M8224WCV/p1713364819258839
Summary of my initial thoughts:
"AWS Lake Formation is for use cases where you need to manage access for tabular data (e.g., Glue tables), where you might want to enforce row- and column-level access."
"using an integrated service such as Amazon Athena, AWS Glue, Amazon EMR, or Amazon Redshift Spectrum"
Some thoughts/discussion on Identity Centre with the team in https://mojdt.slack.com/archives/C04M8224WCV/p1713537790475079
User Story
As an Analytical Platform user, I want to use one identity to access data resources, so that accessing and requesting access to data and using analytical applications is simplified.
Value / Purpose
We need IAM Identity Centre to be available and integrated with Entra ID, with groups, to allow and test tag-based access.
IAM Identity Center along with identity propagation and Lake Formation tags should give the Data Platform Service area a unified way to grant access to AWS services including S3, Athena, QuickSight and Glue Catalogue.
Useful Contacts
RichB, Julia
Hypothesis
If we use AWS IAM Identity Centre and Lake Formation, then we can simplify access management for Data Platform services.
Proposal
Can IAM Identity Center be the centre of Data Platform services?
Additional Information
Definition of Done