Table: aws_athena_workgroup - Query AWS Athena Workgroup using SQL

An AWS Athena Workgroup is a resource that acts as a primary server for running queries. It provides a means of managing query execution across multiple users and teams within an organization. This allows for better control over costs, performance, and security when querying data with Athena.

Table Usage Guide

The aws_athena_workgroup table in Steampipe provides you with information about workgroups within AWS Athena. This table allows you as a DevOps engineer to query workgroup-specific details, including workgroup name, state, description, creation time, and more. You can utilize this table to gather insights on workgroups, such as workgroup configurations, encryption configurations, and enforcement settings. The schema outlines the various attributes of the Athena workgroup for you, including the workgroup ARN, state, tags, and configuration details.

Examples

List all workgroups with basic information

Explore the various workgroups within your AWS Athena service to gain insights into their basic details such as name, description, and creation time. This can be useful for understanding your workgroup configuration and identifying any potential areas for optimization or reorganization.

select
  name,
  description,
  effective_engine_version,
  output_location,
  creation_time
from
  aws_athena_workgroup
order by
  creation_time;

select
  name,
  description,
  effective_engine_version,
  output_location,
  creation_time
from
  aws_athena_workgroup
order by
  creation_time;

List all workgroups using engine 3

Determine the areas in which workgroups are utilizing a specific version of the Athena engine. This is useful for assessing upgrade needs or understanding the distribution of engine versions across your workgroups.

select
  name,
  description
from
  aws_athena_workgroup
where
  effective_engine_version = 'Athena engine version 3';

select
  name,
  description
from
  aws_athena_workgroup
where
  effective_engine_version = 'Athena engine version 3';

Count workgroups in each region

Assess the distribution of workgroups across different regions to understand workload allocation and capacity planning. This can assist in identifying regions that may be under or over-utilized.

select
  region,
  count(*)
from
  aws_athena_workgroup
group by
  region;

select
  region,
  count(*)
from
  aws_athena_workgroup
group by
  region;

List disabled workgroups

Determine the areas in which workgroups are inactive, providing insights into resource usage and potential areas for optimization or re-allocation.

select
  name,
  description,
  creation_time
from
  aws_athena_workgroup
where
  state = 'DISABLED';

select
  name,
  description,
  creation_time
from
  aws_athena_workgroup
where
  state = 'DISABLED';

Control examples

Schema for aws_athena_workgroup

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form.
account_id	text	=, !=, ~~, ~~, !~~, !~~	The AWS Account ID in which the resource is located.
additional_configuration	jsonb		Specifies a user defined JSON string that is passed to the notebook engine.
bytes_scanned_cutoff_per_query	bigint		The upper data usage limit (cutoff) for the amount of bytes a single query in a workgroup is allowed to scan.
creation_time	timestamp with time zone		The date and time the workgroup was created.
customer_content_kms_key	text		Specifies the KMS key that is used to encrypt the user's data stores in Athena.
description	text		The workgroup description.
effective_engine_version	text		The engine version on which the query runs.
encryption_option	text		Indicates whether Amazon S3 server-side encryption with Amazon S3-managed keys (SSE_S3), server-side encryption with KMS-managed keys (SSE_KMS), or client-side encryption with KMS-managed keys (CSE_KMS) is used.
enforce_workgroup_configuration	boolean		If set to "true", the settings for the workgroup override client-side settings.
execution_role	text		Role used in a notebook session for accessing the user's resources.
expected_bucket_owner	text		The Amazon Web Services account ID that you expect to be the owner of the Amazon S3 bucket specified by ResultConfiguration$OutputLocation.
name	text	=	The workgroup name.
output_location	text		The location in Amazon S3 where your query results are stored.
partition	text		The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
publish_cloudwatch_metrics_enabled	boolean		Indicates that the Amazon CloudWatch metrics are enabled for the workgroup.
region	text		The AWS Region in which the resource is located.
requester_pays_enabled	boolean		If set to true, allows members assigned to a workgroup to reference Amazon S3 Requester Pays buckets in queries.
result_configuration_kms_key	text		For SSE_KMS and CSE_KMS, this is the KMS key ARN or ID.
s3_acl_option	text		The Amazon S3 canned ACL that Athena should specify when storing query results.
selected_engine_version	text		The engine version requested by the user.
sp_connection_name	text	=, !=, ~~, ~~, !~~, !~~	Steampipe connection name.
sp_ctx	jsonb		Steampipe context in JSON form.
state	text		The state of the workgroup.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_athena_workgroup