AWS athena documentation change
Summary
Added note about cached credentials being stored as plaintext JSON with restricted file permissions in v2.1.0.0
Security assessment
This change documents security improvements in credential caching, specifically mentioning that credentials are stored with file permissions restricted to the owning user. While this addresses security concerns about credential storage, it's documenting a feature enhancement rather than fixing a specific security issue.
Diff
diff --git a/athena/latest/ug/odbc-v2-driver-jwt-tip.md b/athena/latest/ug/odbc-v2-driver-jwt-tip.md index 50917d544..8c5f03895 100644 --- a//athena/latest/ug/odbc-v2-driver-jwt-tip.md +++ b//athena/latest/ug/odbc-v2-driver-jwt-tip.md @@ -78,0 +79,4 @@ Enables a temporary credentials cache. This connection parameter allows you to c +###### Note + +Starting in v2.1.0.0, cached credentials are stored as plaintext JSON in the `user-profile/.athena-odbc/` directory with file permissions restricted to the owning user, consistent with how the AWS CLI protects locally stored credentials. +