npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@aws-mdaa/lakeformation-tags-l3-construct

v1.4.0

Published

MDAA LakeFormation Tags L3 Construct

Downloads

539

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

mdaa-dev-teammdaa-dev-team

Keywords

Readme

Lake Formation Tags L3 Construct

This package provides two constructs for managing AWS Lake Formation tags and their associations with data resources for tag-based access control (TBAC).

Overview

Lake Formation tags (LF-Tags) are key-value pairs that you can attach to Data Catalog resources (databases, tables, columns). These tags enable attribute-based access control, allowing you to grant permissions based on tag expressions rather than individual resources.

This package separates tag creation from tag association into two distinct constructs:

  • LakeFormationTagsL3Construct: Creates LF-Tags at the account level
  • LakeFormationTagAssociationL3Construct: Associates existing tags with databases and tables

Constructs

LakeFormationTagsL3Construct

Creates LF-Tags at the account level. These tags define the vocabulary for tag-based access control and can be reused across multiple databases and tables.

Usage

import { LakeFormationTagsL3Construct } from '@aws-mdaa/lakeformation-tags-l3-construct';

const tagsConstruct = new LakeFormationTagsL3Construct(this, 'ProjectLFTags', {
  lfTags: [
    {
      tagKey: 'environment',
      tagValues: ['dev', 'test', 'prod'],
    },
    {
      tagKey: 'data_tier',
      tagValues: ['bronze', 'silver', 'gold'],
    },
  ],
});

Properties

  • lfTags (required): Array of LFTagConfig objects defining the tags to create

LFTagConfig

  • tagKey (required): The key (name) of the Lake Formation tag
  • tagValues (required): Array of allowed values for this tag
  • catalogId (optional): The catalog ID where the tag will be created (defaults to current account)

LakeFormationTagAssociationL3Construct

Associates existing LF-Tags with databases and tables. This construct assumes the tags have already been created.

Usage

import { 
  LakeFormationTagsL3Construct,
  LakeFormationTagAssociationL3Construct 
} from '@aws-mdaa/lakeformation-tags-l3-construct';

// First, create the tags
const tagsConstruct = new LakeFormationTagsL3Construct(this, 'ProjectLFTags', {
  lfTags: [
    {
      tagKey: 'environment',
      tagValues: ['dev', 'test', 'prod'],
    },
    {
      tagKey: 'data_tier',
      tagValues: ['bronze', 'silver', 'gold'],
    },
  ],
});

// Then, associate tags with a database
new LakeFormationTagAssociationL3Construct(this, 'DatabaseTagAssociation', {
  databaseName: 'my-database',
  tagValues: [
    {
      tagKey: 'environment',
      tagValues: ['prod'],
    },
    {
      tagKey: 'data_tier',
      tagValues: ['gold'],
    },
  ],
  projectLevelTagsConstruct: tagsConstruct, // Ensures tags exist before association
});

// Optionally, associate tags with specific tables
new LakeFormationTagAssociationL3Construct(this, 'TableTagAssociation', {
  databaseName: 'my-database',
  tables: ['table1', 'table2'],
  tagValues: [
    {
      tagKey: 'environment',
      tagValues: ['prod'],
    },
  ],
  projectLevelTagsConstruct: tagsConstruct,
});

Properties

  • databaseName (required): The Glue database name to associate tags with
  • tagValues (required): Array of LFTagConfig objects specifying which tag values to associate
  • projectLevelTagsConstruct (optional): Reference to the construct that created the tags (for dependency management)
  • tables (optional): Array of specific table names to associate tags with

Complete Example

import { 
  LakeFormationTagsL3Construct,
  LakeFormationTagAssociationL3Construct 
} from '@aws-mdaa/lakeformation-tags-l3-construct';

// Step 1: Create account-level tags
const tagsConstruct = new LakeFormationTagsL3Construct(this, 'OrgLFTags', {
  lfTags: [
    {
      tagKey: 'environment',
      tagValues: ['dev', 'test', 'prod'],
    },
    {
      tagKey: 'data_tier',
      tagValues: ['bronze', 'silver', 'gold'],
    },
    {
      tagKey: 'pii',
      tagValues: ['true', 'false'],
    },
  ],
});

// Step 2: Associate tags with production database
new LakeFormationTagAssociationL3Construct(this, 'ProdDatabaseTags', {
  databaseName: 'production-db',
  tagValues: [
    { tagKey: 'environment', tagValues: ['prod'] },
    { tagKey: 'data_tier', tagValues: ['gold'] },
  ],
  projectLevelTagsConstruct: tagsConstruct,
});

// Step 3: Associate tags with specific sensitive tables
new LakeFormationTagAssociationL3Construct(this, 'SensitiveTableTags', {
  databaseName: 'production-db',
  tables: ['customers', 'transactions'],
  tagValues: [
    { tagKey: 'pii', tagValues: ['true'] },
  ],
  projectLevelTagsConstruct: tagsConstruct,
});

Best Practices

  1. Separation of Concerns: Create tags once at the account level, then associate them with multiple resources as needed
  2. Tag Naming: Use consistent naming conventions for tag keys (e.g., snake_case)
  3. Tag Values: Define all possible values upfront in the tag creation step to ensure consistent tagging
  4. Dependencies: Always pass projectLevelTagsConstruct to ensure tags exist before associations are created
  5. Reusability: Account-level tags can be reused across multiple databases and tables

Related Constructs

  • LakeFormationTagBasedPermissionsL3Construct: Grant permissions based on LF-Tag expressions
  • LakeFormationAccessControlL3Construct: Traditional resource-based Lake Formation permissions