AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Dbeaver athena8/21/2023 Role_arn: the Amazon Resource Name (ARN) of the role that you want to assume source_profile: a profile that contains the credentials of an IAM user or an IAM role that has permissions to assume the roleįor example, to assume a role named testrole that has the ARN arn:aws:iam::123456789012:role/testrole, create a named profile like this: The profile must include these properties: For more information about creating named profiles, see Named profiles. On the machine where the Athena JDBC driver is installed, add a named profile to the AWS CLI credentials file ( ~/.aws/credentials). To switch roles before connecting to the Athena JDBC driver, use the source_profile option in the named profile:ġ. Switch to a different IAM role and then connect to the Athena JDBC driver To get the latest JDBC driver, see Links for downloading the JDBC driver. Note: The Profile JDBC configuration property is available in Athena JDBC driver versions 2.0.6 and later. Or, set the profile name in Profile JDBC configuration property. To connect to Athena with the JDBC driver, specify the profile name in the JDBC connection string (for example: jdbc:awsathena://AwsRegion=us-west-2 Profile=testprofile ). Here's an example of temporary credentials that are stored in an AWS CLI profile named testprofile: Ģ. For more information, see Configuration and credential file settings. On the machine where the Athena JDBC driver is installed, save the temporary credentials to the AWS credentials file ( ~/.aws/credentials) as a named profile. Keep in mind that the temporary credentials have a maximum lifespan of 12 hours.ġ. These three credentials are required for authenticating the JDBC connection to Athena. The temporary credentials contain the session token, access key ID, and secret access key. Note: If you receive errors when running AWS Command Line Interface (AWS CLI) commands, make sure that you’re using the most recent AWS CLI version.įor more information, see Using IAM roles and review the Comparing methods for using roles table. Assuming a different role in your account: If you assume another role in the same AWS account, then use assume-role to get the temporary credentials.If you assume the role with a different identity provider, then use the assume-role-with-saml command to get the temporary credentials. Assuming the role with a SAML Identity provider: Active Directory Federation Services (AD FS) 3.0, Okta, PingFederate, and Azure AD are the only SAML 2.0 identity providers that are directly supported in the Athena JDBC driver. The process for retrieving the temporary credentials depends on how you assume the role. Retrieve the role's temporary credentials. Resolution Use IAM role credentials to connect to the Athena JDBC driver
0 Comments
Read More
Leave a Reply. |