Posted On: Mar 28, 2023

Amazon Athena has expanded its encryption settings to improve the security of your query results. With today’s launch, you can now ensure all query results are encrypted at or above a level of encryption that you specify.

When you query data, sensitive information may be included in the result. To reduce the impact of unauthorized access by an untrusted third-party, it is recommended that you encrypt your query results. Today, you can set a default encryption level for queries within a workgroup. However, users can, if permitted, override the default and use a different encryption level for individual queries. With this release, you can now ensure all query results are encrypted with a desired minimum level of encryption and choose one of several methods of varying strength to safeguard your data.

You can use the Athena console, Amazon CLI, API, or SDK to configure the level encryption you want. To learn more, see Configuring minimum encryption for a workgroup

To explore additional security features in Athena, such as Amazon Lake Formation, which provides granular data access controls for your Amazon S3 data lake, and S3 lifecycle configuration rules, which can be used to delete query results you no longer need, see Amazon Athena security and Managing your storage lifecycle.