Connect to Amazon Athena
The following steps will help you set up the connection to your Athena Instance. Please ensure that you have an Amazon IAM account and an S3 bucket.
You can follow the video below for a walkthrough of the steps, or skip ahead to follow the instructions below.
Step-by-step Instructions
Step 1: Create a Holistics User in the Amazon IAM Console
Add a user with 'Programmatic Access' in the Amazon IAM Console.
Allow this user full access to Athena API: AmazonAthenaFullAccess.
Or a custom policy with full access to Athena, and List, Read, Write to the source S3 bucket.
Holistics requires the below actions to be allowed for all operations to work properly:
athena:StartQueryExecution
athena:GetQueryResults
athena:StopQueryExecution
athena:GetQueryExecution
athena:ListDatabases
s3:GetBucketLocation
s3:PutObject
s3:GetObject
s3:DeleteObject
s3:AbortMultipartUpload
s3:ListBucket
s3:ListBucketMultipartUploads
s3:ListMultipartUploadParts
glue:GetDatabase
glue:GetDatabases
glue:GetTable
glue:GetTables
glue:CreateTable
glue:DeleteTable
Example policy JSON:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Athena",
"Effect": "Allow",
"Action": [
"athena:StartQueryExecution",
"athena:ListDatabases",
"athena:StopQueryExecution",
"athena:GetQueryExecution",
"athena:GetQueryResults"
],
"Resource": [
"arn:aws:athena:ap-southeast-1:*:workgroup/primary",
"arn:aws:athena:ap-southeast-1:*:datacatalog/AwsDataCatalog"
]
},
{
"Sid": "ListSourceS3Buckets",
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::aws-athena-source-data-bucket"
},
{
"Sid": "ReadSourceS3BucketData",
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::aws-athena-source-data-bucket/data/*"
},
{
"Sid": "WriteResultS3Bucket",
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:ListBucketMultipartUploads",
"s3:AbortMultipartUpload",
"s3:ListBucket",
"s3:DeleteObject",
"s3:GetBucketLocation",
"s3:ListMultipartUploadParts"
],
"Resource": [
"arn:aws:s3:::aws-athena-query-results-bucket",
"arn:aws:s3:::aws-athena-query-results-bucket/*"
]
},
{
"Sid": "Glue",
"Effect": "Allow",
"Action": [
"glue:GetDatabase",
"glue:GetDatabases",
"glue:CreateTable",
"glue:DeleteTable",
"glue:GetTables",
"glue:GetTable"
],
"Resource": "*"
}
]
}
Notes:
aws-athena-source-data-bucket
is the S3 bucket where Athena queries data fromaws-athena-query-results-bucket
is the S3 bucket that will be used to store Holistics query results
This is only an example policy.
While all the Actions in the example are required,
please refer to AWS (Athena) documentation to
securely allow those Actions on the appropriate Resources only.
Step 2: Add AWS Athena Data Source
Create an Athena database using AWS Athena Console.
Visit (https://secure.holistics.io/data_sources) and add a new data source. Select the AWS Athena data source type, then fill in the form:
- Region: AWS region hosting Athena database, source file S3 buckets, and query result S3 bucket.
- Access Key ID and Secret Access Key are from the Amazon account you created in Step 1.
- Result Bucket: all Athena query results are stored in this bucket. The current Amazon account should be able to access this bucket. Please see AWS Athena docs for more details.
- Storage Bucket URL: This is the bucket to store your imported data and files.
Step 3: Setup your Athena Instance for Querying
First, you need to create an Athena table to be used as schema-on-read during query execution (Please refer to AWS Athena docs for more details). Remember to enable Non-select Queries.
Then you can build reports, view results, and make charts.
Note: In AWS Athena Schema and Data source are the same thing (https://docs.aws.amazon.com/athena/latest/ug/create-database.html). If you don't specify the schema in your query, the query will be executed on the default schema.
FAQ
Does Holistics support connecting to AWS Athena using temporary credentials?
No. Holistics does not support the ability to connect to AWS Athena using temporary credentials
ATHENA_NAME_ERROR
Sometimes you'll receive this error with a pattern like this:
ATHENA_NAME_ERROR: HIVE_METASTORE_ERROR: com.facebook.presto.spi.PrestoException: Error: name expected at the position ... of ... but 'special character' is found.
There is a reason for that:
- Special characters other than underscore (_) are not supported for Table, Database, and column names.
- Although you may succeed in creating table, view, database, or column names that contain special characters other than underscore by enclosing them in backtick (`) characters, subsequent DDL or DML queries that reference them can fail.
- For more details please refer to the official docs of AWS Athena here