AWS Security ChangesHomeSearch

AWS athena documentation change

Service: athena · 2025-06-19 · Documentation low

File: athena/latest/ug/gdc-register-s3-table-bucket-cat.md

Summary

Added CSE-KMS encryption to the list of encryption types that restrict write operations in Athena workgroups

Security assessment

The change clarifies restrictions when using CSE-KMS encryption, which is a security feature, but does not address a specific vulnerability or incident. It updates documentation to reflect additional encryption-related limitations.

Diff

diff --git a/athena/latest/ug/gdc-register-s3-table-bucket-cat.md b/athena/latest/ug/gdc-register-s3-table-bucket-cat.md
index 1ed69b7f3..11d7f1f1e 100644
--- a//athena/latest/ug/gdc-register-s3-table-bucket-cat.md
+++ b//athena/latest/ug/gdc-register-s3-table-bucket-cat.md
@@ -27 +27 @@ Amazon S3 table buckets are a bucket type in Amazon S3 that is purpose-built to
-  * In workgroups with SSE-KMS encryption enabled, you can't run write operations like `INSERT`, `UPDATE`, `DELETE`, or `MERGE` on S3 Tables.
+  * In workgroups with SSE-KMS, CSE-KMS encryption enabled, you can't run write operations like `INSERT`, `UPDATE`, `DELETE`, or `MERGE` on S3 Tables.