Athena Driver

by



“Ambir’s technical support is what keeps my company purchasing the hardware and software they support. In an ever more difficult climate for the medical industry, Ambir Technology is the partner every practice needs to run at peak efficiency.”.

This article describes how to connect Tableau to Amazon Athena data and set up the data source.

Athena driver odbc

Before you begin

  • Connecting to Amazon Athena with ODBC and JDBC Drivers To explore and visualize your data with business intelligence tools, download, install, and configure an ODBC (Open Database Connectivity) or JDBC (Java Database Connectivity) driver.
  • The package provides the installation files for Athena SmartCard Reader Driver version 7.1.0.0. If the driver is already installed on your system, updating (overwrite-installing) may fix various issues, add new functions, or just upgrade to the available version.

Before you begin, gather this connection information:

  • Name of the server that hosts the database you want to connect to. The format should be as follows: athena.[region].amazonaws.com. For example: athena.us-east-1.amazonaws.com

  • Name of the S3 staging directory. For example, s3://aws-athena-query-results-123456785678-us-eastexample-2/

  • Amazon Web Services (AWS) access keys (access key ID and secret access key). For more information, see Access keys(Link opens in a new window) on the AWS website.

  • (Optional) Initial SQL statement to run every time Tableau connects

You must have Java installed on the computer that runs Tableau Desktop. For more information, see Driver Download(Link opens in a new window) on the Tableau website.

Driver required

This connector requires a driver to talk to the database. You might already have the required driver installed on your computer. If the driver is not installed on your computer, Tableau displays a message in the connection dialog box with a link to the Driver Download(Link opens in a new window) page where you can find driver links and installation instructions.

Make the connection and set up the data source

AthenaAthena driver for tableau 2019.3

  1. Start Tableau and under Connect, select Amazon Athena. For a complete list of data connections, select More under To a Server. Then do the following:

    1. Enter the name of the server.

    2. Enter the name of the S3 staging directory.

    3. Enter your AWS access key ID in the Username field.

    4. Enter your AWS secret access key in the Password field.

    5. (Optional) Select Initial SQL to specify a SQL command to run at the beginning of every connection, such as when you open the workbook, refresh an extract, sign in to Tableau Server, or publish to Tableau Server. For more information, see Run Initial SQL.

    6. Select Sign In.

      If Tableau can't make the connection, verify that your credentials are correct. If you still can't connect, your computer is having trouble locating the server. Contact your network administrator or database administrator.

  2. On the data source page, do the following:

    1. (Optional) Under Connections, select the default data source.

    2. Select the catalog and database you want to work with.

    3. Drag one or more tables to your workspace.

    4. Select the sheet tab to start your analysis.

      Use custom SQL to connect to a specific query rather than the entire data source. For more information, see Connect to a Custom SQL Query.

Customize JDBC connections

Amazon Athena uses a JDBC connection, which you can customize using a properties file. For more information, see Customize JDBC Connections Using a Properties File(Link opens in a new window) in Tableau Community.

See also

  • Set Up Data Sources – Add more data to this data source or prepare your data before you analyze it.
  • Build Charts and Analyze Data – Begin your data analysis.
  • Connect to your S3 data with the Amazon Athena connector in Tableau 10.3(Link opens in a new window) (and later) - Tableau blog post with links to Amazon Athena resources.
  • Tableau Desktop Fails To Connect to Amazon Athena through Proxy With Error Code 37CE01A3 - Tableau Knowlege Base article with steps for resolving the issue.
Thanks for your feedback!

I want to use an AWS Identity and Access Management (IAM) role to connect to Amazon Athena through the JDBC driver. Or, I want to switch to another IAM role, either in my AWS account or in a different account, before connecting to Athena through the JDBC driver.

Resolution

Use IAM role credentials to connect to the Athena JDBC driver

Retrieve the role's temporary credentials. The process for retrieving the temporary credentials depends on how you assume the role:

Athena Driver
  • Assuming the role with a SAML Identity provider: Active Directory Federation Services (AD FS) 3.0 and Okta are the only SAML 2.0 identity providers that are directly supported in the Athena JDBC driver. If you assume the role with a different identity provider, use the assume-role-with-saml command to get the temporary credentials.
  • Assuming a different role in your account: If you assume another role in the same AWS account, use assume-role to get the temporary credentials.

Note: If you receive errors when running AWS Command Line Interface (AWS CLI) commands, make sure that you’re using the most recent AWS CLI version.

For more information, see Using IAM roles and review the Comparing methods for using roles table.

The temporary credentials contain the session token, access key ID, and secret access key. These three credentials are required for authenticating the JDBC connection to Athena. Keep in mind that temporary credentials have a maximum lifespan of 12 hours.

1. On the machine where the Athena JDBC driver is installed, save the temporary credentials to the AWS credentials file (~/.aws/credentials) as a named profile. For more information, see Configuration and credential file settings.

Here's an example of temporary credentials that are stored in an AWS CLI profile named testprofile:

Athena Driver Odbc

2. To connect to Athena with the JDBC driver, specify the profile name in the JDBC connection string (for example: jdbc:awsathena://AwsRegion=us-west-2;Profile=testprofile;). Or, set the profile name in Profile JDBC configuration property.

Athena Driver Tableau

Note: The Profile JDBC configuration property is available in Athena JDBC driver versions 2.0.6 and later. To get the latest JDBC driver, see Links for downloading the JDBC driver.

Switch to different IAM role and then connect to the Athena JDBC driver

To switch roles before connecting to the Athena JDBC driver, use the source_profile option in the named profile:

1. On the machine where the Athena JDBC driver is installed, add a named profile to the AWS CLI credentials file (~/.aws/credentials). For more information about creating named profiles, see Named profiles. The profile must include these properties:

role_arn: the Amazon Resource Name (ARN) of the role that you want to assume
source_profile: a profile that contains the credentials of an IAM user or an IAM role that has permissions to assume the role

For example, to assume a role named testrole that has the ARN arn:aws:iam::123456789012:role/testrole, create a named profile like this:

In this example, the default profilecontains the credentials of an IAM user or role that has permissions to assume testrole:

2. To connect to Athena with the JDBC driver, specify the profile name in the JDBC connection string (for example: jdbc:awsathena://AwsRegion=us-west-2;Profile=switchroletest;). Or, set the profile name in Profile JDBC configuration property.

Related information