AWS athena documentation change
Summary
Updated references from 'CMK' to 'customer managed key' in KMS permissions section
Security assessment
Language standardization in key policy documentation. No security flaws addressed - maintains existing guidance about required KMS permissions for encrypted S3 data access.
Diff
diff --git a/athena/latest/ug/encryption.md b/athena/latest/ug/encryption.md index e4f12e41f..8e27eae8a 100644 --- a//athena/latest/ug/encryption.md +++ b//athena/latest/ug/encryption.md @@ -113 +113 @@ Depending on the type of encryption you use in Amazon S3, you might need to add - * AWS KMS – If you use AWS KMS for encryption, Athena users must be allowed to perform particular AWS KMS actions in addition to Athena and Amazon S3 permissions. You allow these actions by editing the key policy for the AWS KMS customer managed CMKs that are used to encrypt data in Amazon S3. To add key users to the appropriate AWS KMS key policies, you can use the AWS KMS console at [https://console.aws.amazon.com/kms](https://console.aws.amazon.com/kms). For information about how to add a user to a AWS KMS key policy, see [Allows key users to use the CMK](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-users) in the _AWS Key Management Service Developer Guide_. + * AWS KMS – If you use AWS KMS for encryption, Athena users must be allowed to perform particular AWS KMS actions in addition to Athena and Amazon S3 permissions. You allow these actions by editing the key policy for the customer managed key that are used to encrypt data in Amazon S3. To add key users to the appropriate AWS KMS key policies, you can use the AWS KMS console at [https://console.aws.amazon.com/kms](https://console.aws.amazon.com/kms). For information about how to add a user to a AWS KMS key policy, see [Allows key users to use the customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-users) in the _AWS Key Management Service Developer Guide_.