AWS Security ChangesHomeSearch

AWS athena medium security documentation change

Service: athena · 2025-08-13 · Security-related medium

File: athena/latest/ug/connectors-gcs.md

Summary

Added Glue connections configuration documentation for GCS connector with security requirements

Security assessment

Introduced mandatory use of AWS Secrets Manager for credentials and security restrictions on connection handling, directly addressing secure credential storage practices.

Diff

diff --git a/athena/latest/ug/connectors-gcs.md b/athena/latest/ug/connectors-gcs.md
index 1b8c26959..acc516f02 100644
--- a//athena/latest/ug/connectors-gcs.md
+++ b//athena/latest/ug/connectors-gcs.md
@@ -69,0 +70,27 @@ The parameter names and definitions listed below are for Athena data source conn
+We recommend that you configure a GCS connector by using a Glue connections object. To do this, set the `glue_connection` environment variable of the GCS connector Lambda to the name of the Glue connection to use.
+
+**Glue connections properties**
+
+Use the following command to get the schema for a Glue connection object. This schema contains all the parameters that you can use to control your connection.
+    
+    
+    aws glue describe-connection-type --connection-type GOOGLECLOUDSTORAGE
+
+**Lambda environment properties**
+
+  * glue_connection – Specifies the name of the Glue connection associated with the federated connector.
+
+
+
+
+###### Note
+
+  * All connectors that use Glue connections must use AWS Secrets Manager to store credentials.
+
+  * The GCS connector created using Glue connections does not support the use of a multiplexing handler.
+
+  * The GCS connector created using Glue connections only supports `ConnectionSchemaVersion` 2.
+
+
+
+