AWS Security ChangesHomeSearch

AWS athena documentation change

Service: athena · 2025-02-26 · Documentation low

File: athena/latest/ug/encrypting-query-results-stored-in-s3.md

Summary

Updated grammar in workgroup settings explanation, changed encryption section title to 'Convert CSE-KMS table data to SSE-KMS', and fixed contractions

Security assessment

The change adds documentation about converting between encryption types (CSE-KMS to SSE-KMS), which is a security feature. However, there's no evidence this addresses a specific security vulnerability - it appears to be routine documentation improvement about existing encryption options.

Diff

diff --git a/athena/latest/ug/encrypting-query-results-stored-in-s3.md
index 455992a9e..c96484cc5 100644
--- a/athena/latest/ug/encrypting-query-results-stored-in-s3.md
+++ b/athena/latest/ug/encrypting-query-results-stored-in-s3.md
@@ -28 +28 @@ In the console, you can configure the setting for encryption of query results in
-If your workgroup has the **Override client-side settings** field selected, then all queries in the workgroup use the workgroup settings. The encryption configuration and the query results location specified on the **Settings** tab in the Athena console, by API operations and by JDBC and ODBC drivers are not used. For more information, see [Override client-side settings](./workgroups-settings-override.html).
+If your workgroup has the **Override client-side settings** field selected, then all queries in the workgroup use the workgroup settings. The encryption configuration and the query results location specified on the **Settings** tab in the Athena console, by API operations and by JDBC and ODBC drivers aren't used. For more information, see [Override client-side settings](./workgroups-settings-override.html).
@@ -48 +48 @@ If your workgroup has the **Override client-side settings** field selected, then
-     * If your account does not have access to an existing customer managed key (CMK), choose **Create an AWS KMS key** , and then open the [AWS KMS console](https://console.aws.amazon.com/kms). For more information, see [Creating keys](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) in the _AWS Key Management Service Developer Guide_.
+     * If your account doesn't have access to an existing customer managed key (CMK), choose **Create an AWS KMS key** , and then open the [AWS KMS console](https://console.aws.amazon.com/kms). For more information, see [Creating keys](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) in the _AWS Key Management Service Developer Guide_.
@@ -71 +71 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please
-Encryption at rest
+Convert CSE-KMS table data to SSE-KMS