Amazon Athena is an interactive query service that allows you to use standard SQL to view and analyze data in your organization's Tetra Data Lake S3 bucket. This page describes how you can connect to your Athena tables from one of these third-party tools:
- IDE Tools (IntelliJ IDEA)
- Java Spring
- TIBCO Spotfire
Before you can use a third-party tool to connect to Athena tables, you must:
- Download an Athena JDBC driver
- Locate connection details from the Tetra Data Platform (TDP)
Amazon Athena provides a JDBC driver for connections. Any third-party tool that can use a JDBC driver can connect to Amazon Athena. You can also use Java to programmatically access Athena.
The JDBC driver that you select is based on which Java version you use. Make sure that the driver you select matches your current Java version (for example, JDK 8.0 or JDK 9.0).
To locate a JDBC driver, its download address, and its usage details, see Connecting to Amazon Athena with JDBC in the AWS documentation.
(For single-tenant deployments only) Using the Amazon Athena JDBC driver will result in additional costs in your AWS account, because the driver runs Amazon Athena queries. Query costs depend on the amount of data stored in your environment. For more information, see Amazon Athena Pricing in the AWS documentation.
You can easily find the connection details for Amazon Athena by using the Tetra Data Platform (TDP).
Click here to use the SQL Access page in the TDP to locate your connection details.
To connect to Athena, you will need to write down these connection details for future use:
- URL (address for Athena) connection parameter
- S3OutputLocation connection parameter
Self-Hosting the TDP
If you are self-hosting the TDP in your AWS accounts and set the deployment parameter
false, then the credentials are not available in the Tetra Data Platform UI.
To obtain the JDBC credentials:
- From the TDP UI, locate the TDP organization slug (orgSlug). Select Account -> Organizational Details to find the orgSlug.
- In AWS IAM, locate a policy named:
- Create an IAM user or role in the AWS account where TDP is hosted and assign it to the policy.
- Use the credentials of the role or user to access Athena by following the AWS documentation located here.
After you have downloaded the appropriate Athena JDBC driver to use and located the connection details from the SQL Access page in the TDP, you can select which third-party tool you want to use:
Every organization on Tetra Data Platform (TDP) is automatically provisioned with a separate AWS KMS (Key Management Service) Key.
The query result is encrypted using SSE_KMS (The driver uses server-side encryption with an AWS KMS-management Key).
Additionally, the JDBC driver automatically applies SSL encryption to all connections. SSL encryption protects data and credentials when they are transferred over the network, and provides stronger security than authentication alone. The SSL indicates both TLS (Transport Layer Security) and SSL (Secure Socket Layer). The driver supports industry-standard versions of TLS/SSL.
The TLS version that the driver supports depends on which JVM version is installed. The TLS version used for the connections is the latest version that is supported by the both driver and the server.
Reference: Oracle Blog: Diagnosing TLS, SSL, and HTTPS
Updated 9 months ago