Controlling access to metadata tables - Amazon Simple Storage Service

Controlling access to metadata tables

Note

The S3 Metadata feature is in preview release for Amazon S3 and is subject to change.

To control access to your Amazon S3 metadata tables, you can use AWS Identity and Access Management (IAM) resource-based policies that are attached to your table bucket and to your metadata table. In other words, you can control access to your metadata tables at both the table bucket level and the table level.

For more information about controlling access to your table buckets and tables, see Access management for S3 Tables.

Important

Make sure that you don't restrict Amazon S3 from writing to your table bucket or your metadata table. If Amazon S3 is unable to write to your table bucket or your metadata table, you must create a new metadata table by deleting your metadata table configuration and then creating a new configuration.

You can also control access to the rows and columns in your metadata table through AWS Lake Formation. For more information, see Managing Lake Formation permissions and Data filtering and cell-level security in Lake Formation in the AWS Lake Formation Developer Guide.