Back to All Checks
Medium Athena Regional

Athena workgroups should have logging enabled

FSBP

Description

This control checks whether an Amazon Athena workgroup has logging enabled. The control fails if the workgroup doesn't have logging enabled. Audit logs track and monitor system activities. They provide a record of events that can help you detect security breaches, investigate incidents, and comply with regulations. Audit logs also enhance the overall accountability and transparency of your organization.

Remediation

Enable logging for your Athena workgroup by configuring PublishCloudWatchMetricsEnabled to true in the workgroup's result configuration.

Steps

  1. Navigate to the Athena console
  2. Select the workgroup that needs logging enabled
  3. Edit the workgroup configuration
  4. Enable 'Publish CloudWatch metrics' in the result configuration
  5. Save the configuration changes
  6. Verify that logging is now enabled for the workgroup

Compliance

FSBP
Start Your Free Security Check