The scheme used for authentication. Accepted entries are: Auto, , AwsRootKeys , AwsIAMRoles , AwsEC2Roles , AwsMFA , ADFS, Okta, PingFederate , AwsCredentialsFile , AwsCognitoBasic , AwsCognitoSrp.

Possible Values

Auto, ADFS, AwsRootKeys, AwsIAMRoles, AwsEC2Roles, AwsMFA, AwsCredentialsFile, Okta, TemporaryCredentials, PingFederate, AwsCognitoBasic, AwsCognitoSrp, AzureAD,

Data Type

string

Default Value

""

Remarks

Use the following options to select your authentication scheme:

• Auto: Set this to have the adapter attempt to automatically resolve the proper authentication scheme to use based on the other connection properties specified.
• TemporaryCredentials: Set this to leverage temporary security credentials alongside a session token to connect.
• AwsRootKeys: Set this to use the root user access key and secret. Useful for quickly testing, but production use cases are encouraged to use something with narrowed permissions.
• AwsIAMRoles: Set to use IAM Roles for the connection.
• AwsEC2Roles: Set this to automatically use IAM Roles assigned to the EC2 machine the Amazon Athena Adapter is currently running on.
• AwsMFA: Set to use multi factor authentication.
• Okta: Set to use a single sign on connection with OKTA as the identity provider.
• ADFS: Set to use a single sign on connection with ADFS as the identity provider.
• PingFederate: Set to use a single sign on connection with PingFederate as the identity provider.
• AwsCredentialsFile: Set to use a credential file for authentication.
• AwsCognitoSrp: Set to use Cognito based authentication. This is recommended over AwsCognitoBasic because this option does NOT send the password to the server for authentication, instead it uses the SRP protocol.
• AwsCognitoBasic: Set to use Cognito based authentication.