- Newest
- Most votes
- Most comments
Hello,
Hope you are doing good !
Right now, It is not possible to restrict access to the Copy button using policies. This is because when we are using the Copy option, it is not making any API call. As you said even if we try to restrict, select text from the query editor and copy it using the keypad would still be possible.
I checked internally and found out that there is already a feature request with the service team regarding this. While I am unable to comment on when this feature may get released, I request you to keep an eye on our Whats new and Blog for any new feature announcements.
[1]https://aws.amazon.com/new/ [2]https://aws.amazon.com/blogs/aws/
Having said that, If feasible you can try out the below alternative, wherein you can deny the “athena:GetQueryResults” API call. Then this will not give any results on the console when you run a query but still the query would be successful. It will just show if the query has succeeded and will show the amount of data that is scanned. If your use case fits this then you can implement this so that the users won't be having access to the data on console directly . The sample policy for the same :
{ "Sid": "BlockAthenaCopy”, "Effect": "Deny", "Action": "athena:GetQueryResults", "Resource": "arn:aws:athena:*:XXXXXXXXXXX:workgroup/workgroup_name”, "Condition": { "StringNotEquals": { "aws:CalledVia": "athena.amazonaws.com " } } }
Thanks and have a great day !
Relevant content
AWS OFFICIALUpdated 2 years ago- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 2 years ago
Thank you! The users need to see the query results, so 'GetQueryResults' cannot be denied at this moment. I will keep an eye on the feature request.