Connection Properties
The connection properties are the various options that can be used to establish a connection. This section provides a complete list of the options you can configure in the connection settings for this provider. Click the links for further details.
For more information on establishing a connection, see Establishing a Connection.
| Property | Description |
| AthenaVPCEndpoint | Your Athena VPC Endpoint. It will override the default athena.{region}.amazonaws.com endpoint. |
| S3StagingDirectory | Specifies the location Amazon Athena will use to store the results of a query. |
| EncryptionType | Specifies the encryption option for query results in Athena. |
| EncryptionKey | Specifies the encryption key when encrypting results stored in S3. |
| DataSource | The name of the Athena Data Source. |
| Database | The name of the Athena database. |
| Property | Description |
| CrossAccountId | The Account Id to use when retrieving metadata from Glue. Default is current account id. |
| SimpleUploadLimit | This setting specifies the threshold, in bytes, above which the provider will choose to perform a multipart upload rather than uploading everything in one request. |
| UseLakeFormation | When this property is set to true, AWSLakeFormation service will be used to retrieve temporary credentials, which enforce access policies against the user based on the configured IAM role. The service can be used when authenticating through OKTA, ADFS, AzureAD, PingFederate, while providing a SAML assertion. |
| Property | Description |
| AuthScheme | Specifies the type of authentication to use when connecting to Amazon Athena. If this property is left blank, the default authentication is used. |
| AWSAccessKey | Specifies your AWS account access key. This value is accessible from your AWS security credentials page. |
| AWSSecretKey | Your AWS account secret key. This value is accessible from your AWS security credentials page. |
| AWSRoleARN | The Amazon Resource Name of the role to use when authenticating. |
| AWSPrincipalARN | The ARN of the SAML Identity provider in your AWS account. |
| AWSRegion | The hosting region for your Amazon Web Services. |
| AWSCredentialsFile | The path to the AWS Credentials File to be used for authentication. |
| AWSCredentialsFileProfile | The name of the profile to be used from the supplied AWSCredentialsFile. |
| AWSSessionToken | Your AWS session token. |
| AWSExternalId | A unique identifier that might be required when you assume a role in another account. |
| MFASerialNumber | The serial number of the MFA device if one is being used. |
| MFAToken | The temporary token available from your MFA device. |
| CredentialsLocation | The location of the settings file where MFA credentials are saved. |
| TemporaryTokenDuration | The amount of time (in seconds) a temporary token will last. |
| AWSCognitoRegion | The hosting region for AWS Cognito. |
| AWSUserPoolId | The User Pool Id. |
| AWSUserPoolClientAppId | The User Pool Client App Id. |
| AWSUserPoolClientAppSecret | Optional. The User Pool Client App Secret. |
| AWSIdentityPoolId | The Identity Pool Id. |
| AWSWebIdentityToken | The OAuth 2.0 access token or OpenID Connect ID token that is provided by an identity provider. |
| AWSDataZoneDomainId | Identifier of the DataZone domain to use. |
| AWSDataZoneDomainRegion | The AWS Region where your DataZone environment and service workgroup are provisioned. |
| AWSDataZoneEndpointOverride | The DataZone API endpoint to be used instead of the default for the provided AWS Region. |
| AWSDataZoneEnvironmentId | Identifier of the DataZone environment to use. |
| AWSIdentityCenterIssuerUrl | The issuer URL of the IAM Identity Center instance that the DataZone domain uses. |
| Property | Description |
| User | The IDP user used to authenticate the IDP via SSO. |
| Password | The password used to authenticate the IDP user via SSO. |
| SSOLoginURL | The identity provider's login URL. |
| SSOProperties | Additional properties required to connect to the identity provider in a semicolon-separated list. |
| SSOExchangeURL | The URL used for consuming the SAML response and exchanging it for service specific credentials. |
| Property | Description |
| InitiateOAuth | Specifies the process for obtaining or refreshing the OAuth access token, which maintains user access while an authenticated, authorized user is working. |
| OAuthClientId | Specifies the client ID (also known as the consumer key) assigned to your custom OAuth application. This ID is required to identify the application to the OAuth authorization server during authentication. |
| OAuthClientSecret | Specifies the client secret assigned to your custom OAuth application. This confidential value is used to authenticate the application to the OAuth authorization server. (Custom OAuth applications only.). |
| OAuthAccessToken | Specifies the OAuth access token used to authenticate requests to the data source. This token is issued by the authorization server after a successful OAuth exchange. |
| OAuthSettingsLocation | Specifies the location of the settings file where OAuth values are saved. |
| CallbackURL | Identifies the URL users return to after authenticating to Amazon Athena via OAuth (Custom OAuth applications only). |
| OAuthVerifier | Specifies a verifier code returned from the OAuthAuthorizationURL . Used when authenticating to OAuth on a headless server, where a browser can't be launched. Requires both OAuthSettingsLocation and OAuthVerifier to be set. |
| OAuthRefreshToken | Specifies the OAuth refresh token used to request a new access token after the original has expired. |
| OAuthExpiresIn | Specifies the duration in seconds, of an OAuth Access Token's lifetime. The token can be reissued to keep access alive as long as the user keeps working. |
| OAuthTokenTimestamp | Displays a Unix epoch timestamp in milliseconds that shows how long ago the current access token was created. |
| Property | Description |
| SSLServerCert | Specifies the certificate to be accepted from the server when connecting using TLS/SSL. |
| Property | Description |
| FirewallType | Specifies the protocol the provider uses to tunnel traffic through a proxy-based firewall. |
| FirewallServer | Identifies the IP address, DNS name, or host name of a proxy used to traverse a firewall and relay user queries to network resources. |
| FirewallPort | Specifies the TCP port to be used for a proxy-based firewall. |
| FirewallUser | Identifies the user ID of the account authenticating to a proxy-based firewall. |
| FirewallPassword | Specifies the password of the user account authenticating to a proxy-based firewall. |
| Property | Description |
| ProxyAutoDetect | Specifies whether the provider checks your system proxy settings for existing proxy server configurations, rather than using a manually specified proxy server. |
| ProxyServer | Identifies the hostname or IP address of the proxy server through which you want to route HTTP traffic. |
| ProxyPort | Identifies the TCP port on your specified proxy server that has been reserved for routing HTTP traffic to and from the client. |
| ProxyAuthScheme | Specifies the authentication method the provider uses when authenticating to the proxy server specified in the ProxyServer connection property. |
| ProxyUser | Provides the username of a user account registered with the proxy server specified in the ProxyServer connection property. |
| ProxyPassword | Specifies the password of the user specified in the ProxyUser connection property. |
| ProxySSLType | Specifies the SSL type to use when connecting to the proxy server specified in the ProxyServer connection property. |
| ProxyExceptions | Specifies a semicolon-separated list of destination hostnames or IPs that are exempt from connecting through the proxy server set in the ProxyServer connection property. |
| Property | Description |
| Logfile | Specifes the file path to the log file where the provider records its activities, such as authentication, query execution, and connection details. |
| Verbosity | Specifies the verbosity level of the log file, which controls the amount of detail logged. Supported values range from 1 to 5. |
| LogModules | Specifies the core modules to include in the log file. Use a semicolon-separated list of module names. By default, all modules are logged. |
| MaxLogFileSize | Specifies the maximum size of a single log file in bytes. For example, '10 MB'. When the file reaches the limit, the provider creates a new log file with the date and time appended to the name. |
| MaxLogFileCount | Specifies the maximum number of log files the provider retains. When the limit is reached, the oldest log file is deleted to make space for a new one. |
| Property | Description |
| Location | Specifies the location of a directory containing schema files that define tables, views, and stored procedures. Depending on your service's requirements, this may be expressed as either an absolute path or a relative path. |
| BrowsableSchemas | Optional setting that restricts the schemas reported to a subset of all available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC . |
| Tables | Optional setting that restricts the tables reported to a subset of all available tables. For example, Tables=TableA,TableB,TableC . |
| Views | Optional setting that restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC . |
| FlattenArrays | By default, arrays are returned as strings of JSON. The FlattenArrays property can be used to flatten the elements of arrays into columns of their own. Set FlattenArrays to the number of elements you want to return from arrays. |
| FlattenObjects | Set FlattenObjects to true to flatten object properties into columns of their own. Otherwise, objects nested in arrays are returned as strings of JSON. |
| Property | Description |
| CleanQueryResults | Amazon Athena produces cache files with every query, in the folder specified in S3StagingDirectory . CleanQueryResults specifies whether these files should be deleted once the connection is closed. |
| EnableFIPSMode | A boolean indicating if FIPS URLs should be enabled. |
| IncludeTableTypes | If set to true, the provider will query for the types of individual tables. |
| MaximumColumnSize | The maximum column size. |
| MaxRows | Specifies the maximum number of rows returned for queries that do not include either aggregation or GROUP BY. |
| MetadataDiscoveryMethod | API to use to retrieve the metadata for Amazon Athena. |
| Other | Specifies additional hidden properties for specific use cases., to be used only when our Support team advises it, to address specific issues. See Remarks for details. |
| PageSize | The number of results to return per page of data retrieved from Amazon Athena. |
| PollingInterval | This determines the polling interval in milliseconds to check whether the result is ready to be retrieved. |
| PseudoColumns | Specifies the pseudocolumns to expose as table columns, expressed as a string in the format 'TableName=ColumnName;TableName=ColumnName'. |
| PushEmptyValuesAsNull | Indicates whether to read the empty values as empty or as null. |
| QueryCachingLevel | Modifies the usage of query results stored in S3StagingDirectory . Cached queries will not be scanned again by Amazon Athena until the amount of seconds specified in QueryTolerance has passed. |
| QueryPassthrough | This option passes the query to the Amazon Athena server as is. |
| QueryTimeout | The timeout in seconds for requests issued by the provider to download large result sets. |
| QueryTolerance | Specifies the amount of time in seconds queries cache for if QueryCachingLevel is not set to None. |
| ResultFetcher | The fetcher that will be used to download query results. |
| RTK | Specifies the runtime key for licensing the provider. If unset or invalid, the provider defaults to the standard licensing method. This property is only required in environments where the standard licensing method is unsupported or requires a runtime key. |
| ShowS3Filepath | Whether or not to expose the _S3Path column for the Amazon Athena tables. |
| Timeout | Specifies the maximum time, in seconds, that the provider waits for a server response before throwing a timeout error. |
| UserDefinedViews | Specifies a filepath to a JSON configuration file that defines custom views. The provider automatically detects and uses the views specified in this file. |
| Workgroup | Work group of the executed queries. |