Athena workgroup configuration should be enforced to prevent client side changes to disable encryption settings.
Clients can ignore encryption requirements
Enforce the configuration to prevent client overrides
The following example will fail the aws-athena-no-encryption-override check.
The following example will pass the aws-athena-no-encryption-override check.