AWS athena medium security documentation change
Summary
Clarified restrictions on write/DML operations in workgroups with SSE-KMS encryption and S3 Requester Pays enabled
Security assessment
The change explicitly documents security-related limitations around encryption (SSE-KMS) and cost control mechanisms (Requester Pays) that could impact data protection and access controls
Diff
diff --git a/athena/latest/ug/gdc-register-s3-table-bucket-cat.md b/athena/latest/ug/gdc-register-s3-table-bucket-cat.md index 447094b98..f81a83581 100644 --- a//athena/latest/ug/gdc-register-s3-table-bucket-cat.md +++ b//athena/latest/ug/gdc-register-s3-table-bucket-cat.md @@ -27 +27,3 @@ Amazon S3 table buckets are a bucket type in Amazon S3 that is purpose-built to - * Queries against S3 Tables are not supported in workgroups with SSE_KMS result encryption or the S3 Requester Pays option enabled. + * In workgroups with SSE-KMS encryption enabled, you can't run write operations like `INSERT`, `UPDATE`, `DELETE`, or `MERGE` on S3 Tables. + + * In workgroups with S3 Requester Pays option enabled, you can't run DML operations on S3 Tables.