Data lake security
In this section, we will discuss various options and methodologies for enhancing the security of your data lake. We will talk about security across multiple layers; however, this should only be considered a starting point. You will need to add further security layers as applicable to your project.
Data lake access control
To secure a data lake, we can use a combination of user-based access policies and resource-based access policies. User policies are attached to users/roles and control the actions that a user/role can perform within an account. In addition to user-based policies, we can attach access policies to resources such as Amazon S3, Amazon SQS, and more, to control access specifically for that resource. This provides another layer of security for protecting AWS resources. As a general best practice, access policies should follow least privilege, allowing only the required actions under specific conditions.
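As an added illustration (not code from the original text), the following Python sketch pairs a user-based policy with a resource-based S3 bucket policy and runs a simple heuristic least-privilege check over both. The bucket name, the Sids, and the `least_privilege_findings` helper are assumptions made for this example.

```python
# Constructed sample policies: bucket name and Sids are placeholders.
BUCKET = "arn:aws:s3:::example-data-lake"

# User-based policy: attached to a user/role, read-only on one prefix, TLS only.
USER_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "ReadCuratedZone", "Effect": "Allow",
    "Action": ["s3:GetObject"],
    "Resource": f"{BUCKET}/curated/*",
    "Condition": {"Bool": {"aws:SecureTransport": "true"}},
}]}

# Resource-based policy: attached to the bucket, rejects any non-TLS request.
BUCKET_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "DenyPlaintextAccess", "Effect": "Deny", "Principal": "*",
    "Action": "s3:*",
    "Resource": [BUCKET, f"{BUCKET}/*"],
    "Condition": {"Bool": {"aws:SecureTransport": "false"}},
}]}

# Counter-example: the kind of statement least privilege is meant to avoid.
OVERBROAD_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "TooBroad", "Effect": "Allow", "Action": "s3:*", "Resource": "*",
}]}

def _as_list(value):
    """IAM allows a single string or a list for Action/Resource/Statement."""
    return value if isinstance(value, list) else [value]

def least_privilege_findings(policy):
    """Return (Sid, issue) pairs for Allow statements that look too broad."""
    findings = []
    for stmt in _as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        sid = stmt.get("Sid", "<no Sid>")
        if any("*" in action for action in _as_list(stmt.get("Action", []))):
            findings.append((sid, "wildcard action"))
        if any(res == "*" for res in _as_list(stmt.get("Resource", []))):
            findings.append((sid, "wildcard resource"))
        if stmt.get("Principal") in ("*", {"AWS": "*"}):
            findings.append((sid, "public principal"))
        if not stmt.get("Condition"):
            findings.append((sid, "no condition"))
    return findings

if __name__ == "__main__":
    for name in ("USER_POLICY", "BUCKET_POLICY", "OVERBROAD_POLICY"):
        print(name, least_privilege_findings(globals()[name]))
```

The check is a heuristic for review purposes only; it does not evaluate how AWS combines user-based and resource-based policies when authorizing a request.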