AWS Security ChangesHomeSearch

AWS AmazonS3 documentation change

Service: AmazonS3 · 2025-04-18 · Documentation low

File: AmazonS3/latest/userguide/s3-tables-integrating-aws.md

Summary

Added note about KMS key permissions required for roles working with encrypted tables in AWS analytics services.

Security assessment

Clarifies permission requirements for encrypted data in integrated services but does not address a specific security incident. Enhances security documentation for access controls.

Diff

diff --git a/AmazonS3/latest/userguide/s3-tables-integrating-aws.md b/AmazonS3/latest/userguide/s3-tables-integrating-aws.md
index 94df78ebc..1a6773b46 100644
--- a//AmazonS3/latest/userguide/s3-tables-integrating-aws.md
+++ b//AmazonS3/latest/userguide/s3-tables-integrating-aws.md
@@ -296,0 +297,4 @@ The AWS analytics services integration process has been updated. If you've set u
+###### Note
+
+If you want to work with SSE-KMS encrypted tables in integrated AWS analytics services, the role you use needs to have permission to use your AWS KMS key for encryption operations. For more information, see [ Granting IAM principals permissions to work with encrypted tables in integrated AWS analytics services](./s3-tables-kms-permissions.html#tables-kms-integration-permissions).
+