Implement fine-grained access control for Iceberg tables using Amazon EMR on EKS integrated with AWS Lake Formation
Big Data Blog
This article demonstrates how to implement fine-grained access control (FGAC) for Apache Iceberg tables using Amazon EMR on EKS and AWS Lake Formation across multiple accounts in a data mesh architecture.
- Solution enables secure data sharing with column, row, and cell-level security controls
- Uses a healthcare domain example with two tables: Patients and Claims
- Implements different access levels for different user personas/teams
- Leverages cross-account Lake Formation permissions and resource links
- Demonstrates how to set up infrastructure in producer and consumer AWS accounts
Key features include:
- Filtering sensitive columns (e.g., SSN)
- Restricting data access based on state
- Enabling controlled data sharing across organizational boundaries
- Supporting data mesh principles of decentralized data ownership
The solution provides a robust framework for implementing granular data access controls while maintaining data governance and security across multiple teams and accounts.
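The SSN column filter and the state-based row restriction listed above can be expressed as a Lake Formation data cells filter. The following is an added example, not code from the article: it builds the `TableData` argument for `create_data_cells_filter` and previews its effect on constructed rows. The account ID, database, table, column names, filter name and state value are assumptions.

```python
import re

# Assumed identifiers, not taken from the article.
CATALOG_ID = "111111111111"          # placeholder producer account ID
DATABASE, TABLE = "healthcare_db", "patients"

# Constructed sample rows standing in for the Patients table.
SAMPLE_ROWS = [
    {"patient_id": 1, "name": "A. Lee", "ssn": "000-00-0001", "state": "TX"},
    {"patient_id": 2, "name": "B. Roy", "ssn": "000-00-0002", "state": "NY"},
    {"patient_id": 3, "name": "C. Diaz", "ssn": "000-00-0003", "state": "TX"},
]

def build_cells_filter(name, excluded_columns, state=None):
    """Build TableData for boto3 lakeformation.create_data_cells_filter."""
    if state is None:
        row_filter = {"AllRowsWildcard": {}}
    else:
        # Allow-list the value so it cannot alter the filter expression.
        if not re.fullmatch(r"[A-Z]{2}", state):
            raise ValueError(f"invalid state code: {state!r}")
        row_filter = {"FilterExpression": f"state = '{state}'"}
    return {
        "TableCatalogId": CATALOG_ID,
        "DatabaseName": DATABASE,
        "TableName": TABLE,
        "Name": name,
        "RowFilter": row_filter,
        "ColumnWildcard": {"ExcludedColumnNames": sorted(excluded_columns)},
    }

def preview(table_data, rows):
    """Local dry run: rows and columns a grantee of this filter could read."""
    hidden = set(table_data["ColumnWildcard"]["ExcludedColumnNames"])
    expr = table_data["RowFilter"].get("FilterExpression")
    state = re.fullmatch(r"state = '([A-Z]{2})'", expr).group(1) if expr else None
    return [
        {col: val for col, val in row.items() if col not in hidden}
        for row in rows
        if state is None or row["state"] == state
    ]

if __name__ == "__main__":
    tx_analysts = build_cells_filter("patients_tx_no_ssn", {"ssn"}, state="TX")
    for row in preview(tx_analysts, SAMPLE_ROWS):
        print(row)
    # To apply: boto3.client("lakeformation").create_data_cells_filter(TableData=tx_analysts)
```

The preview is only a local sanity check of the intended policy; enforcement happens in Lake Formation once the filter is created and granted to a principal.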