Give users read only permission to Athena

[timckt]

Background

Users have started using Athena on the CloudPlatform in development, they can invoke the Athena API using only a IAM role, but being able to see Athena details in the console would help with development.

Proposed user journey

Approach

Update https://github.com/ministryofjustice/cloud-platform-terraform-aws-sso to include a new file for Athena. Viewing custom models could should be restricted with tags as per other resources.

Which part of the user docs does this impact

Communicate changes

• [ ] post for #cloud-platform-update
• [ ] Weeknotes item
• [ ] Show the Thing/P&A All Hands/User CoP
• [ ] Announcements channel

Questions / Assumptions

Definition of done

• [ ] readme has been updated
• [ ] user docs have been updated
• [ ] another team member has reviewed
• [ ] smoke tests are green
• [ ] prepare demo for the team

Reference

How to write good user stories

[sj-williams]

Contacted Athena-using team, there is no need for AWS console access for the service at this time.