Hi all,
I want to protect the connection between Power BI and Amazon Athena. I gave the end users IAM credentials, so they can setup their DSN in their local machines and start creating reports in Power BI Desktop. This is important for our organization, the end users should use Power BI Desktop in their local machines and not in EC2 instances.
What I want to do now is add another security layer by creating an Athena VPC Endpoint and attach it to one of our VPC and one private subnet, so the Power BI-Athena connection can be made only inside this VPC.
The problem is that the users can still use the connection only by using the IAM credentials from their local machine. I set up a VPN connection, but with or without it the user can access the data source with the IAM credentials.
¿How can I restrict Power BI - Athena network traffic so that the users, even if they have IAM credentials, cannot create the ODBC connection to Athena databases?¿Am I doing right by creating an Athena VPC Endpoint?¿Am I doing something wrong, maybe I should test another ODBC Authentication type and not create user IAM credentials?
Thanks
AWS OFFICIALUpdated a month ago
