The scheme used for authentication. Accepted entries are: , AwsRootKeys , AwsIAMRoles , AwsEC2Roles , ADFS, Okta, PingFederate , AwsCredentialsFile , AwsCognitoBasic , AwsCognitoSrp.

Possible Values

ADFS, AwsRootKeys, AwsIAMRoles, AwsEC2Roles, AwsWebIdentity, AwsCredentialsFile, Okta, TemporaryCredentials, PingFederate, AwsCognitoBasic, AwsCognitoSrp, AzureAD

Data Type

string

Default Value

"AwsRootKeys"

Remarks

Use the following options to select your authentication scheme:

• TemporaryCredentials: Set this to leverage temporary security credentials alongside a session token to connect.
• AwsRootKeys: Set this to use the root user access key and secret. Useful for quickly testing, but production use cases are encouraged to use something with narrowed permissions.
• AwsIAMRoles: Set to use IAM Roles for the connection.
• AwsEC2Roles: Set this to automatically use IAM Roles assigned to the EC2 machine the Amazon Athena Adapter is currently running on.
• Okta: Set to use a single sign on connection with OKTA as the identity provider.
• ADFS: Set to use a single sign on connection with ADFS as the identity provider.
• PingFederate: Set to use a single sign on connection with PingFederate as the identity provider.
• AwsCredentialsFile: Set to use a credential file for authentication.
• AwsCognitoSrp: Set to use Cognito based authentication. This is recommended over AwsCognitoBasic because this option does NOT send the password to the server for authentication, instead it uses the SRP protocol.
• AwsCognitoBasic: Set to use Cognito based authentication.