{"slug":"iam-aws-athena","cloud":"aws","service":"athena","title":"AWS Athena (IAM)","description":"An interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL.","category":"analytics","common_permissions":["athena:GetQueryExecution","athena:GetQueryResults","athena:RunQuery","athena:GetWorkGroup","athena:ListWorkGroups","athena:GetDataCatalog","athena:ListDataCatalogs"],"least_privilege_example":"{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"athena:GetQueryExecution\",\n        \"athena:GetQueryResults\",\n        \"athena:RunQuery\",\n        \"athena:GetWorkGroup\",\n        \"athena:ListWorkGroups\",\n        \"athena:GetDataCatalog\",\n        \"athena:ListDataCatalogs\"\n      ],\n      \"Resource\": \"*\"\n    }\n  ]\n}","warnings":["Avoid athena:* — grants full control including creating, updating, and deleting workgroups and data catalogs.","Avoid athena:RunQuery without resource restrictions — can run arbitrary queries that may incur high costs."],"docs":"https://servicereference.us-east-1.amazonaws.com/v1/athena/athena.json","tags":["iam","aws"],"last_verified":"2026-06-14T00:00:00.000Z","next_check":"2026-12-11T00:00:00.000Z","created_at":"2026-06-14T04:49:18.300Z","updated_at":"2026-06-14T04:49:18.300Z"}