Amazon Unveils New Security Features for AWS Lake Formation



Amazon Web Services (AWS) today announced new features to provide secure access to sensitive data in the AWS Lake Formation data lake service, with the introduction of row- and cell-level security capabilities.

AWS Lake Formation enables the collection and cataloging of data from databases and object storage, but it is up to users to determine the best way to secure access to different slices of data.

To facilitate this, row- and cell-level security capabilities for Lake Formation are now generally available, AWS CEO Adam Selipsky said today, speaking at the AWS re:Invent 2021 conference.

To gain personalized access to data slices, users previously had to create and manage multiple copies of the data, synchronize all copies, and manage “complex” data pipelines, Selipsky said.

Reduce the complexity of data lakes

AWS Lake Formation users were asking for a more direct way to govern access to data lakes, while eliminating the “big effort” associated with providing secure access, he said.

With the new updates announced today, “you can now apply access controls for individual rows and cells,” said Selipsky. “Lake Formation automatically filters data and only reveals data permitted by your policy to authorized users.”

To secure sales data, for example, rather than creating multiple tables for each sales team and country, “you simply define a set of policies that allow access to specific rows for specific users, without having to duplicate data or create data pipelines,” he said. “It puts the right data in the hands of the right people, and only the right people.”

In a blog post, AWS Chief Evangelist Danilo Poccia said that access to certain rows and columns can be controlled in both query results and AWS Glue ETL jobs.

“That way you don’t need to create (and keep up to date) subsets of your data for different roles and legislations,” Poccia said.

It works for both governed and traditional tables in S3, he said in the post.

The challenges of cloud security

AWS security updates come as businesses continue their accelerated journey to the cloud, even as security processes struggle to keep up. A recent survey of cloud engineering professionals found that 36% of organizations have experienced a cloud security data breach or serious breach in the past 12 months.

On Monday, AWS announced several new features to improve and automate vulnerability management on its platform, in response to changing cloud security requirements.

The new features added to the Amazon Inspector service will address the “critical need to detect and correct quickly” in order to secure workloads in the cloud, according to AWS. Features include continuous and automated assessment scans, which replace manual scans that only occur periodically, as well as automated resource discovery.

AWS re:Invent 2021 runs through Friday, both in person in Las Vegas and online.

