Constraints and Limitations

After a IAM user group is deleted, you need to manually delete the related permission policies in LakeFormation data permissions.
The path selected during database creation cannot be the parent path or the same path of the catalog where the database is located, or the parent path, subpath, or the same path of other databases (except the default database) in the same catalog.
The storage location of the created database must be under that of the catalog to which the database belongs.
Authorization and fine-grained permission control are not supported for catalog objects and their sub-metadata objects created by users.
LakeFormation data permissions can be granted to a maximum of 20 entities or 10 metadata objects at a time.
The number of partitions cannot exceed 1,000,000,000.
LakeFormation does not support unified management of metadata and permissions across regions.
LakeFormation does not support unified management of metadata and permissions across instances.
In a data table, the combination of partition value corresponding to each partition must be unique.
A partition name consists of partition keys and partition values and its total length cannot exceed 1,000 characters.
In the parameter description of metadata, one Chinese character contains three bytes.
LakeFormation needs the parallel file system of OBS. OBS nodes should be separately deployed based on the storage-compute decoupling architecture. The storage location of LakeFormation metadata corresponds to the OBS path and is interconnected with big data clusters such as MRS, which also adopts the storage-compute decoupling architecture. The OBS parallel file system must support the AccessLabel feature.
In LakeFormation, roles sharing identical names across different instances are associated with the same OBS AccessLabel during the authorization process. It is recommended to avoid creating roles with duplicate names in separate instances within the same region to prevent conflicts.