Setting up an to Amazon Athena
This guide explains how to set up an to Amazon Athena.
Prerequisites
Before you read this reference, perform all of the following actions:
-
Make sure you can log in to your Amazon AWS account. For more information, see the Amazon documentation.
-
Make sure you can access the Amazon Athena console.
-
Create the following items in the Amazon user interface:
-
An S3 bucket. For more information, see the Amazon documentation.
-
A database. For more information, see the Amazon documentation.
-
A table. For more information, see the Amazon documentation.
-
-
Assign an AWS policy to the IAM user associated with Amazon Athena. Find an AWS Policy template below. For more conformation on IAM users, see the Amazon documentation.
-
In the Amazon user interface, generate the following credentials to authorize the :
-
Access Key ID
-
Secret Access Key
For more information, see the Amazon documentation.
-
AWS policy template
Below is a template for an AWS policy. Change the template and assign the AWS policy to the IAM user associated with Amazon Athena. The template contains the following placeholders:
-
S3_RESULT_BUCKETis the S3 bucket used for query results. -
REGIONis the AWS region in which Athena is set up. -
ACCOUNT_IDis your AWS account ID. -
WORKGROUP_NAMEis the workgroup associated with the Adverity . -
CATALOG_NAMEis the name of the AWS Glue Data Catalog. -
DATABASE_NAMEis the name of the AWS Glue Database. -
TABLE_NAMEis the name of the AWS Glue Table to perform queries on.
Find a template for the AWS policy below.
{
"Statement": [
{
"Action": [
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::S3_RESULT_BUCKET"
],
"Sid": "ListObjectsInBucket"
},
{
"Action": "s3:Object",
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::S3_RESULT_BUCKET/"
],
"Sid": "AllObjectActions"
},
{
"Action": [
"athena:ListWorkGroups",
"athena:GetExecutionEngine",
"athena:GetExecutionEngines",
"athena:GetNamespace",
"athena:GetCatalogs",
"athena:GetNamespaces",
"athena:GetTables",
"athena:GetTable"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"athena:StartQueryExecution",
"athena:GetQueryResults",
"athena:DeleteNamedQuery",
"athena:GetNamedQuery",
"athena:ListQueryExecutions",
"athena:StopQueryExecution",
"athena:GetQueryResultsStream",
"athena:ListNamedQueries",
"athena:CreateNamedQuery",
"athena:GetQueryExecution",
"athena:BatchGetNamedQuery",
"athena:BatchGetQueryExecution",
"athena:GetWorkGroup"
],
"Effect": "Allow",
"Resource": [
"arn:aws:athena:REGION:ACCOUNT_ID:workgroup/WORKGROUP_NAME"
]
},
{
"Action": [
"glue:CreateDatabase",
"glue:DeleteDatabase",
"glue:GetDatabase",
"glue:GetDatabases",
"glue:UpdateDatabase",
"glue:CreateTable",
"glue:DeleteTable",
"glue:BatchDeleteTable",
"glue:UpdateTable",
"glue:GetTable",
"glue:GetTables",
"glue:BatchCreatePartition",
"glue:CreatePartition",
"glue:DeletePartition",
"glue:BatchDeletePartition",
"glue:UpdatePartition",
"glue:GetPartition",
"glue:GetPartitions",
"glue:BatchGetPartition"
],
"Effect": "Allow",
"Resource": [
"arn:aws:glue:REGION:ACCOUNT_ID:catalog/CATALOG_NAME",
"arn:aws:glue:REGION:ACCOUNT_ID:database/DATABASE_NAME",
"arn:aws:glue:REGION:ACCOUNT_ID:catalog",
"arn:aws:glue:REGION:ACCOUNT_ID:table/DATABASE_NAME/TABLE_NAME"
]
}
],
"Version": "2012-10-17"
}Setting up the to Amazon Athena in Adverity
To authorize Amazon Athena in Adverity, follow these steps:
-
Go to the Choose an Authorization step of the datastream setup. For more information, see Collecting data from Amazon Athena.
-
Click Setup a new Authorization.
-
In Access Key ID, enter the Access Key ID.
-
In Secret Access Key, enter the Secret Access Key.
-
Click Authorize.