AWS athena high security documentation change
Summary
Updated Glue connections recommendation, added Secrets Manager requirement, and multiplexing handler limitations
Security assessment
Mandates AWS Secrets Manager for credential storage in PostgreSQL connectors and removes insecure legacy connection options. This prevents credentials from being stored in plaintext configurations.
Diff
diff --git a/athena/latest/ug/connectors-postgresql.md b/athena/latest/ug/connectors-postgresql.md index a1c754d0c..7611bc670 100644 --- a//athena/latest/ug/connectors-postgresql.md +++ b//athena/latest/ug/connectors-postgresql.md @@ -68,3 +68 @@ Athena data source connectors created on December 3, 2024 and later use AWS Glue -### Glue connections (recommended) - -We recommended that you configure a PostgreSQL connector by using a Glue connections object. +We recommend that you configure a PostgreSQL connector by using a Glue connections object. @@ -79 +77,14 @@ Use the following command to get the schema for a Glue connection object. This s -### Legacy connections +**Lambda environment properties** + +glue_connection – Specifies the name of the Glue connection associated with the federated connector. + +###### Note + + * All connectors that use Glue connections must use AWS Secrets Manager to store credentials. + + * The PostgreSQL connector created using Glue connections does not support the use of a multiplexing handler. + + * The PostgreSQL connector created using Glue connections only supports `ConnectionSchemaVersion` 2. + + +