Enter password to view project

Amazon DataZone: Access Control

Fine-grained data permissioning to let publishers securely share partial datasets without creating redundant assets.

Role

Lead UX Designer

Industry

Data Governance

Duration

2 months

Problem and Background

A core feature of our product is data permissioning—ensuring the right people have access to the right data. Customers frequently needed to share a dataset while excluding sensitive columns (e.g. PII).
Currently our customers were creating multiple version of a single data asset to solve that need, which added significant complexity and impeded scalability.

Competitive Analysis

I analyzed how leading platforms (Snowflake, Databricks, AWS Lake Formation) handled permissioning, focusing on how access logic was created, how restrictions were shown to end users, and how easily permissions could be modified over time.
A key insight was that most enterprise tools prioritize publisher control over subscriber transparency to reduce misuse and support compliance—an approach that directly informed our design decisions.

Competitive Analysis

Mapping out the flows

Because our product supports both publishers and subscribers, I mapped flows for each and explored a key question: should subscribers know they’re receiving restricted data?
After evaluating transparency vs. safety tradeoffs, we chose to keep all permissioning on the publisher side. This reduced cognitive load for subscribers, prevented accidental data misuse, and aligned with enterprise compliance expectations

Wireframing and Initial Exploration

I created some initial wireframing to help inform further conversation and make sure that we were aligned with our back-end engineers. From these we made a decision to keep all data permissioning on the publisher side, subscriber wouldn’t know about any missing columns or rows from their data set at all.

High-Fidelity Iteration and feedback

Once the flow was finalized, I created high-fidelity mocks for all key states and walkthroughs. These were used in reviews with leadership and a major customer to validate real-world workflows, build trust, and demonstrate our commitment to customer-driven development.

Launch and Impact

The feature launched in April 2024 and quickly exceeded expectations: 78% of target customers adopted data filtering, and Sales identified it as a critical factor in closing new deals.
Customer feedback was overwhelmingly positive, with repeated requests to expand permissioning to additional data asset types—validating both product-market fit and long-term value.