AWS AmazonS3 documentation change
Summary
Added note about KMS key permissions required for roles working with encrypted tables in AWS analytics services.
Security assessment
Clarifies permission requirements for encrypted data in integrated services but does not address a specific security incident. Enhances security documentation for access controls.
Diff
diff --git a/AmazonS3/latest/userguide/s3-tables-integrating-aws.md b/AmazonS3/latest/userguide/s3-tables-integrating-aws.md index 94df78ebc..1a6773b46 100644 --- a//AmazonS3/latest/userguide/s3-tables-integrating-aws.md +++ b//AmazonS3/latest/userguide/s3-tables-integrating-aws.md @@ -296,0 +297,4 @@ The AWS analytics services integration process has been updated. If you've set u +###### Note + +If you want to work with SSE-KMS encrypted tables in integrated AWS analytics services, the role you use needs to have permission to use your AWS KMS key for encryption operations. For more information, see [ Granting IAM principals permissions to work with encrypted tables in integrated AWS analytics services](./s3-tables-kms-permissions.html#tables-kms-integration-permissions). +