Control: Athena workgroups should enforce configuration
Description
This control checks if an Athena workgroup enforces configuration. The control fails if an Athena workgroup doesn't enforce configuration.
Usage
Run the control in your terminal:
powerpipe control run aws_compliance.control.athena_workgroup_enforce_configuration_enabledSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run aws_compliance.control.athena_workgroup_enforce_configuration_enabled --shareSQL
This control uses a named query:
select name as resource, case when enforce_workgroup_configuration then 'ok' else 'alarm' end as status, case when enforce_workgroup_configuration then name || ' has enforce workgroup configuration enabled.' else name || ' has enforce workgroup configuration disabled.' end as reason , region, account_idfrom aws_athena_workgroup;