Creating LF-Tags
All LF-Tags must be defined in Lake Formation before they can be used. A LF-Tag consists of a key and one or more possible values for the key.
After the data lake administrator has setup the required IAM permissions and Lake Formation permissions for the LF-Tag creator role, the principal can create a LF-Tag. The LF-Tag creator gets implicit permission to update or remove any tag value from the LF-Tag and delete the LF-Tag.
You can create LF-Tags by using the AWS Lake Formation console, the API, or the AWS Command Line Interface (AWS CLI).
As tag creator , the principal gets Alter
permission on this LF-Tag and can
update or remove any tag value from this LF-Tag. The LF-Tag creator principal
can also grant Alter
permission to another principal to update and remove tag
values on this LF-Tag.