Help Center/ DataArts Lake Formation/ Service Overview/ Notes and Constraints
Updated on 2025-10-28 GMT+08:00
View PDF
Share

Notes and Constraints

Before using LakeFormation, ensure that you have read and understood the following restrictions.

Constraints on Web Browsers

Table 1 Constraints on web browsers

Item

Description

Browser
You are advised to use a recommended browser to log in to the LakeFormation management page.
  • Chrome: 94.0 or later
  • Edge: updated with the Windows operating system.

Constraints on User Names

Table 2 Constraints on user names

Item

Description

IAM username for instance operations

The IAM username for operating LakeFormation instances can contain only letters, digits, and underscores (_). Otherwise, LakeFormation may be unavailable.

Authorization entity name

The name of an authorization entity cannot contain hyphens (-). Otherwise, the operation may fail. Authorization entities include user groups, roles, IAM users, and agencies.

Constraints on Metadata

Table 3 Constraints on metadata

Item

Description

Data storage

LakeFormation depends on OBS. OBS nodes should be separately deployed based on the storage-compute decoupling architecture. The storage location of LakeFormation metadata corresponds to the OBS path and is interconnected with big data clusters such as MRS, which also adopts the storage-compute decoupling architecture. Access label must be enabled on OBS.

Metadata storage location
  • To prevent data conflicts, the storage paths of metadata such as catalogs, databases, and data tables cannot be the metadata storage path that is being used by other LakeFormation instances.
  • Database:
    • The storage location of the database must be under that of the catalog to which the database belongs.
    • The storage location of the database cannot be the parent path, subpath, or the same path of other databases (except the default database) in the same catalog.
    • If Database Storage Locations is set for the catalog the database belongs to, set the database storage location to a subpath of Database Storage Locations or Select Location of the catalog.
  • Data table:
    • The storage location of the data table must be different from that of the catalog and database to which the data table belongs.
    • If Data Table Storage Locations is set for the database the table belongs to, set the data table storage location to a subpath of Select Location or Data Table Storage Locations of the database.

Partition
  • The number of partitions cannot exceed 1,000,000,000.
  • In a data table, the combination of partition value corresponding to each partition must be unique.
  • A partition name consists of partition keys and partition values and its total length cannot exceed 1,000 characters.

Constraints on Permissions and Authorizations

Table 4 Constraints on permissions and authorizations

Item

Description

Number of authorizations
  • LakeFormation data permissions can be granted to a maximum of 20 entities at a time.
  • LakeFormation data permissions can be granted to a maximum of 10 metadata objects at a time.

Metadata authorization
  • Authorization and fine-grained permission control are not supported for catalog objects and their sub-metadata objects created by users.
  • LakeFormation does not support unified management of metadata and permissions across regions.
  • LakeFormation does not support unified management of metadata and permissions across instances.

Role

In LakeFormation, roles sharing identical names across different instances are associated with the same OBS access label during the authorization process. It is advised to avoid creating roles with duplicate names in separate LakeFormation instances within the same region to prevent conflicts.

Permission clearance

After any IAM user group is deleted, you need to manually delete the related permission policies in LakeFormation data permissions.