Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Does AWS Athena not require any permissions to query an S3 Bucket?

0

Hi community,

I am currently working with Athena to query my data stored in an S3 bucket encrypted by a customer managed key. After I created the Athena workgroup and Athena database, I ran the query to create the table. And it went really smooth without any errors. Even after I ran query "select * from table", I received the results as I expected. I did not make any policy change to my key or bucket. Doe this mean Athena does not need to be granted any permissions to query S3? How is this secure? My Bucket is encrypted and the Athena can just query it freely. I do find it a little counter-intuitive. What should I do to make it securer? Please let me know your thoughts on this issue. Thanks!

Topics
AnalyticsSecurity, Identity, & ComplianceStorage
Tags
IAM PoliciesAmazon AthenaAmazon Simple Storage Service
Language
English
asked 10 months ago331 views
1 Answer
0

When actors interact with Athena, their permissions pass through Athena to determine what Athena can access. This means that users must have permission to access Amazon S3 buckets in order to query them with Athena.

https://docs.aws.amazon.com/athena/latest/ug/s3-permissions.html

EXPERT
answered 10 months ago
EXPERT
reviewed 10 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content