Use Third-Party Tools to Connect to Athena Tables

Amazon Athena is an interactive query service that allows you to use standard SQL to view and analyze data in your organization's Tetra Data Lake S3 bucket. This page describes how you can connect to your Athena tables from one of these third-party tools:

  • IDE Tools (IntelliJ IDEA)
  • Java Spring
  • TIBCO Spotfire
  • Tableau
  • Python

Before You Begin

Before you can use a third-party tool to connect to Athena tables, you must:

  • Download an Athena JDBC driver
  • Locate connection details from the Tetra Data Platform (TDP)

Download Athena JDBC Driver

Amazon Athena provides a JDBC driver for connections. Any third-party tool that can use a JDBC driver can connect to Amazon Athena. You can also use Java to programmatically access Athena.

The JDBC driver that you select is based on which Java version you use. Make sure that the driver you select matches your current Java version (for example, JDK 8.0 or JDK 9.0).

To locate a JDBC driver, its download address, and its usage details, see Connecting to Amazon Athena with JDBC in the AWS documentation.



(For single-tenant deployments only) Using the Amazon Athena JDBC driver will result in additional costs in your AWS account, because the driver runs Amazon Athena queries. Query costs depend on the amount of data stored in your environment. For more information, see Amazon Athena Pricing in the AWS documentation.

Locate Connection Details from the TDP

You can easily find the connection details for Amazon Athena by using the Tetra Data Platform (TDP).
Click here to use the SQL Access page in the TDP to locate your connection details.

To connect to Athena, you will need to write down these connection details for future use:

  • Username
  • Password
  • URL (address for Athena) connection parameter
  • S3OutputLocation connection parameter


Self-Hosting the TDP

If you are self-hosting the TDP in your AWS accounts and set the deployment parameter AthenaCreateIamUser to false, then the credentials are not available in the Tetra Data Platform UI.

To obtain the JDBC credentials:

  1. From the TDP UI, locate the TDP organization slug (orgSlug). Select Account -> Organizational Details to find the orgSlug.
  2. In AWS IAM, locate a policy named: ts-platform-<awsRegion>-production-<orgSlug>-policy.
  3. Create an IAM user or role in the AWS account where TDP is hosted and assign it to the policy.
  4. Use the credentials of the role or user to access Athena by following the AWS documentation located here.

Connect to Athena Tables Using Third-Party Tools

After you have downloaded the appropriate Athena JDBC driver to use and located the connection details from the SQL Access page in the TDP, you can select which third-party tool you want to use:


Every organization on Tetra Data Platform (TDP) is automatically provisioned with a separate AWS KMS (Key Management Service) Key.

The query result is encrypted using SSE_KMS (The driver uses server-side encryption with an AWS KMS-management Key).

Additionally, the JDBC driver automatically applies SSL encryption to all connections. SSL encryption protects data and credentials when they are transferred over the network, and provides stronger security than authentication alone. The SSL indicates both TLS (Transport Layer Security) and SSL (Secure Socket Layer). The driver supports industry-standard versions of TLS/SSL.

The TLS version that the driver supports depends on which JVM version is installed. The TLS version used for the connections is the latest version that is supported by the both driver and the server.


Supported Protocols and Algorithms

Reference: Oracle Blog: Diagnosing TLS, SSL, and HTTPS