Skip to Content

Amazon Athena Connection

Introduction

An Amazon Athena connection, created using the Amazon Athena connector, establishes access to Amazon Athena. These activities, once configured, interact with Amazon Athena through the connection.

Create or Edit an Amazon Athena Connection

A new Amazon Athena connection is created using the Amazon Athena connector from one of these locations:

An existing Amazon Athena connection can be edited from these locations:

Configure an Amazon Athena Connection

Each user interface element of the Amazon Athena connection configuration screen is described below.

Tip

Fields with a variable icon Variable icon support using global variables, project variables, and Jitterbit variables. Begin either by typing an open square bracket [ into the field or by clicking the variable icon to display a list of the existing variables to choose from.

  • Connection Name: Enter a name to use to identify the connection. The name must be unique for each Amazon Athena connection and must not contain forward slashes (/) or colons (:). This name is also used to identify the Amazon Athena endpoint, which refers to both a specific connection and its activities.

  • Authentication: When selected (default), shows additional settings. For documentation, see Establishing a Connection and Additional Configurations Properties:

    • Athena VPC Endpoint: Enter the Athena VPC endpoint.

    • S3 Staging Directory: Enter the S3 staging directory.

    • Encryption Type: Select the encryption type, one of:

      • None

      • SSE_S3

      • SSE_KMS

      • CSE_KMS

    • Encryption Key: Enter the encryption key.

    • Database: Enter the database.

    • Data Source: Enter the data source.

  • Connection: When selected, shows additional settings. For documentation, see Establishing a Connection and Additional Configurations Properties:

    • Cross Account Id: Enter the cross account ID.

    • Simple Upload Limit: Enter the simple upload limit.

  • AWS Authentication: When selected, shows additional settings. For documentation, see Establishing a Connection and Additional Configurations Properties:

    • Auth Scheme: Select the authorization scheme, one of:

      • Auto

      • ADFS

      • AwsRootKeys

      • AwsIAMRoles

      • AwsEC2Roles

      • AwsMFA

      • AwsCredentialsFile

      • Okta

      • TemporaryCredentials

      • PingFederate

      • AwsCognitoBasic

      • AwsCognitoSrp

      • AzureAD

    • AWS Access Key: Enter the AWS access key.

    • AWS Secret Key: Enter the AWS secret key.

    • AWS Role ARN: Enter the AWS role ARN.

    • AWS Principal ARN: Enter the AWS principal ARN.

    • AWS Region: Select the AWS region, one of:

      • OHIO

      • NORTHERNVIRGINIA

      • NORTHERNCALIFORNIA

      • OREGON

      • CAPETOWN

      • HONGKONG

      • MUMBAI

      • OSAKA

      • SEOUL

      • SINGAPORE

      • SYDNEY

      • TOKYO

      • CENTRAL

      • BEIJING

      • NINGXIA

      • FRANKFURT

      • IRELAND

      • LONDON

      • MILAN

      • PARIS

      • STOCKHOLM

      • BAHRAIN

      • SAOPAULO

      • GOVCLOUDEAST

      • GOVCLOUDWEST

    • AWS Credentials File: Enter the AWS credentials file.

    • AWS Credentials File Profile: Enter the AWS credentials file profile.

    • AWS Session Token: Enter the AWS session token.

    • AWS External Id: Enter the AWS external ID.

    • MFA Serial Number: Enter the MFA serial number.

    • MFA Token: Enter the MFA token.

    • Temporary Token Duration: Enter the temporary token duration.

    • AWS Cognito Region: Select the AWS Cognito region, one of:

      • OHIO

      • NORTHERNVIRGINIA

      • NORTHERNCALIFORNIA

      • OREGON

      • CAPETOWN

      • HONGKONG

      • MUMBAI

      • OSAKA

      • SEOUL

      • SINGAPORE

      • SYDNEY

      • TOKYO

      • CENTRAL

      • BEIJING

      • NINGXIA

      • FRANKFURT

      • IRELAND

      • LONDON

      • MILAN

      • PARIS

      • STOCKHOLM

      • BAHRAIN

      • SAOPAULO

      • GOVCLOUDEAST

      • GOVCLOUDWEST

    • AWS User Pool Id: Enter the AWS user pool ID.

    • AWS User Pool Client App Id: Enter the AWS user pool client app ID.

    • AWS User Pool Client App Secret: Enter the AWS user pool client app secret.

    • AWS Identity Pool Id: Enter the AWS identity pool ID.

  • SSO: When selected, shows additional settings. For documentation, see Establishing a Connection and Additional Configurations Properties:

    • User: Enter the user.

    • Password: Enter the password.

    • SSO Login URL: Enter the SSO login URL.

    • SSO Properties: Enter the SSO properties.

    • SSO Exchange Url: Enter the SSO exchange URL.

  • OAuth: When selected, shows additional settings. For documentation, see Establishing a Connection and Additional Configurations Properties:

    • Initiate OAuth: Select the OAuth setting, one of:

      • OFF

      • GETANDREFRESH

      • REFRESH

    • OAuth Client Id: Enter the OAuth client ID.

    • OAuth Client Secret: Enter the OAuth client secret.

    • OAuth Access Token: Enter the OAuth access token.

    • Callback URL: Enter the callback URL.

    • OAuth Verifier: Enter the OAuth verifier.

    • OAuth Refresh Token: Enter the OAuth refresh token.

    • OAuth Expires In: Enter the time in seconds that the OAuth token expires in.

    • OAuth Token Timestamp: Enter the OAuth token timestamp.

  • SSL: When selected, shows additional settings. For documentation, see Establishing a Connection and Additional Configurations Properties:

    • SSL Server Cert: Enter the SSL server certificate.
  • Use Proxy Settings: Select to use Private Agent proxy settings.

  • Advanced Configurations: When selected, shows the Advanced Configurations Properties table, which is used to add additional configuration properties as key-value pairs.

    Click the add icon add icon to add a row to the table below and enter a key-value pair for each property.

    To save the row, click the submit icon submit icon in the rightmost column.

    To edit or delete a single row, hover over the rightmost column and use the edit icon edit icon or delete icon delete icon.

    To delete all rows, click Clear All.

    Important

    Fields in the Advanced Configurations table display the variable icon Variable icon only in edit mode. For these fields' variable values to be populated at runtime, the agent version must be at least 10.75 / 11.13.

  • Test: Click to verify the connection using the specified configuration. When the connection is tested, the latest version of the connector is downloaded by the agent(s) in the agent group associated with the current environment. This connector supports suspending the download of the latest connector version by using the Disable Auto Connector Update organization policy.

  • Save Changes: Click to save and close the connection configuration.

  • Discard Changes: After making changes to a new or existing configuration, click to close the configuration without saving. A message asks you to confirm that you want to discard changes.

  • Delete: After opening an existing connection configuration, click to permanently delete the connection from the project and close the configuration (see Component Dependencies, Deletion, and Removal). A message asks you to confirm that you want to delete the connection.

Configure OAuth Connections

This connector supports a connection using OAuth by using specific configuration properties. After selecting an auth scheme that includes Initiate OAuth, you will be able to specify the configuration in the fields that are displayed.

Note

Additional IDs, secrets, scopes, and other authentication tokens may be required in order to successfully complete the OAuth authentication. Check the endpoint documentation for additional information on their requirements.

For this connector, two scenarios are supported. In either scenario, you will need to use a third-party tool (such as Postman or a similar tool) to obtain the required access token or tokens from the endpoint involved. Both of these scenarios work only for single-agent groups. These are Agent Groups that consist of a single agent.

  • Scenario 1: Using an OAuth access token that expires after a set period of time.

    With this configuration, you supply an OAuth access token that lasts for a set period of time, as determined by the particular endpoint. The connector will use the token to make the connection. The connection, however, will no longer work once the access token expires. You would configure the connector to use the token by setting these properties:

    Configuration Property Value
    Initiate OAuth OFF
    OAuth Access Token Set to the value of the OAuth access token obtained from the endpoint
  • Scenario 2: Using an OAuth access token combined with an OAuth refresh token to enable automatic refresh of access.

    With this configuration, the connector will use a refresh token to obtain a new access token once the current access token has expired. This is generally the best method of configuring OAuth.

    You supply an OAuth access token and an OAuth refresh token, as determined by the particular endpoint. You would configure the connector to use these tokens by setting these properties:

    Configuration Property Value
    Initiate OAuth REFRESH
    OAuth Access Token Set to the value of the OAuth access token obtained from the endpoint
    OAuth Refresh Token Set to the value of the OAuth refresh token obtained from the endpoint

Note

If using multiple OAuth-based Amazon Athena connections on the same Private Agent, set the configuration property OAuthSettingsLocation to a unique writeable agent path for each connection. In the jitterbit.conf file for the agent, set EnableLocalFileLocation=true. If you don't perform these two steps, the multiple connections will use the same default path and overwrite each other.

Next Steps

After an Amazon Athena connector connection has been created, you place an activity type on the design canvas to create activity instances to be used either as sources (to provide data in an operation) or as targets (to consume data in an operation).

Menu actions for a connection and its activity types are accessible from the project pane and design component palette. For details, see Actions Menus in Connector Basics.

These activity types are available:

  • Query: Retrieves records from a table at Amazon Athena and is intended to be used as a source in an operation.

  • Execute: Executes a procedure at Amazon Athena and is intended to be used as a target in an operation.