awslabs · andy-k-improving · Mar 30, 2026 · Mar 30, 2026 · Mar 30, 2026 · Mar 30, 2026
diff --git a/athena-s3vector-connector/README.md b/athena-s3vector-connector/README.md
@@ -57,6 +57,7 @@ The connector can be deployed directly using the provided CloudFormation templat
    - **AthenaCatalogName**: Name for your Lambda function (lowercase, alphanumeric, hyphens, and underscores only, 1-64 characters)
    - **SpillBucket**: S3 bucket name for query result spilling
    - **SpillPrefix**: Prefix within SpillBucket (default: athena-spill)
+   - **S3VectorBucketName**: Name of the S3 vector bucket to query
    - **LambdaTimeout**: Maximum Lambda runtime in seconds (default: 900)
    - **LambdaMemory**: Lambda memory in MB (default: 512)
    - **DisableSpillEncryption**: Set to 'true' to disable spill encryption (default: false)
@@ -87,6 +88,7 @@ For subsequent updates after initial deployment:
 | AthenaCatalogName | Lambda function name (must match pattern: ^[a-z0-9-_]{1,64}$) | Required |
 | SpillBucket | S3 bucket for spilling data | Required |
 | SpillPrefix | Prefix within SpillBucket | athena-spill |
+| S3VectorBucketName | Name of the S3 vector bucket to query | Required |
 | LambdaTimeout | Maximum Lambda invocation runtime (1-900 seconds) | 900 |
 | LambdaMemory | Lambda memory in MB (128-3008) | 1024 |
 | DisableSpillEncryption | Disable encryption for spilled data | false |

diff --git a/athena-s3vector-connector/athena-s3vector-connector.yaml b/athena-s3vector-connector/athena-s3vector-connector.yaml
@@ -33,6 +33,9 @@ Parameters:
     Description: "Lambda memory in MB (min 128 - 3008 max)."
     Default: 512
     Type: Number
+  S3VectorBucketName:
+    Description: "The name of the S3 vector bucket to query."
+    Type: String
   DisableSpillEncryption:
     Description: "WARNING: If set to 'true' encryption for spilled data is disabled."
     Default: "false"
@@ -58,20 +61,29 @@ Resources:
             - Action:
                 - athena:GetQueryExecution
               Effect: Allow
-              Resource: '*'
+              Resource: !Sub 'arn:${AWS::Partition}:athena:${AWS::Region}:${AWS::AccountId}:workgroup/*'
           Version: '2012-10-17'
 
-        # S3 Vector read access
+        # S3 Vector list access (account-wide)
         - Statement:
-          - Sid: AllowApplicationVectorAccess
+          - Sid: AllowVectorListAccess
             Effect: Allow
             Action:
-              - s3vectors:GetIndex
               - s3vectors:ListIndexes
+              - s3vectors:ListVectors
+            Resource: !Sub 'arn:${AWS::Partition}:s3vectors:${AWS::Region}:${AWS::AccountId}:*'
+
+        # S3 Vector data access (scoped to specific bucket and its indexes)
+        - Statement:
+          - Sid: AllowVectorDataAccess
+            Effect: Allow
+            Action:
+              - s3vectors:GetIndex
               - s3vectors:QueryVectors
               - s3vectors:GetVectors
-              - s3vectors:ListVectors
-            Resource: '*'
+            Resource:
+              - !Sub 'arn:${AWS::Partition}:s3vectors:${AWS::Region}:${AWS::AccountId}:vector-bucket/${S3VectorBucketName}'
+              - !Sub 'arn:${AWS::Partition}:s3vectors:${AWS::Region}:${AWS::AccountId}:vector-bucket/${S3VectorBucketName}/*'
 
         #S3CrudPolicy allows our connector to spill large responses to S3. You can optionally replace this pre-made policy
         #with one that is more restrictive and can only 'put' but not read,delete, or overwrite files.