search

ministryofjustice / analytical-platform

Analytical Platform • This repository is defined and managed in Terraform
https://docs.analytical-platform.service.justice.gov.uk
MIT License
8 stars 4 forks source link

📖 Determine IAM permissions required when using hybrid mode #4659

Closed michaeljcollinsuk closed 2 weeks ago

michaeljcollinsuk commented 2 weeks ago

User Story

As a engineer I need to know which permissions an IAM user requires to access data when using LF hybrid mode So that we can apply these permissions to existing IAM roles

Value / Purpose

We need to use hybrid mode to ensure users do not lose access to their data. We need to ensure that users IAM roles have the required permissions to use Lake Formation hybrid mode

Useful Contacts

No response

User Types

No response

Hypothesis

No response

Proposal

Determine permissions required to use Lake Formation hybrid mode to ensure users do not lose access to their datasets.

Additional Information

Related to findings from https://github.com/ministryofjustice/analytical-platform/issues/4359

Definition of Done

julialawrence commented 2 weeks ago

Good ticket for someone who's not touched LF

BrianEllwood commented 2 weeks ago

The permissions required when using Lake formation hybrid mode were identified in the work for this ticket

The findings are recorded in this document

The following permission needs granting to the users prior to the implementation of Lake Formation Hybrid mode to avoid breaking the users access: lakeformation:GetDataAccess

This is the AWS documentation

BrianEllwood commented 2 weeks ago

Sorry marked as done in error

BrianEllwood commented 2 weeks ago

I will check in standup if any follow up tickets are required.

BrianEllwood commented 2 weeks ago

follow on ticket 4707