Connection Properties
The connection properties are the various options that can be used to establish a connection. This section provides a complete list of the options you can configure in the connection settings for this provider. Click the links for further details.
For more information on establishing a connection, see Establishing a Connection.
| Property | Description |
| Buckets | A list of buckets comma-delimited (ex: bucket1,bucket2,..). If left empty, ListAllMyBuckets operation will be used to find them automatically. |
| CustomURL | The custom URL to the S3 based service. Specify this URL if the S3 based service has a different URL from the 'amazonaws.com'. Make sure to specify the full URL. For example: CustomURL=http://127.0.0.1:9000. Please note that in a custom S3 based service, views other than Buckets and Objects might not be supported to work with or might need to be configured on the custom service itself. |
| STSEndpointOverride | The endpoint that the driver will use for the AWS STS service. If the protocol is missing from the URL, https:// will be used. If this parameter is not specified, the driver uses the default AWS STS endpoint. |
| SimpleUploadLimit | This setting specifies the threshold, in bytes, above which the provider will choose to perform a multipart upload rather than uploading everything in one request. |
| UseLakeFormation | When this property is set to true, AWSLakeFormation service will be used to retrieve temporary credentials, which enforce access policies against the user based on the configured IAM role. The service can be used when authenticating through OKTA, ADFS, AzureAD, PingFederate, while providing a SAML assertion. |
| UseVirtualHosting | If true (default), buckets will be referenced in the request using the hosted-style request: http://bucket-name.host/yourobject. If set to false, the bean will use the path-style request: http://host/bucket-name/yourobject. |
| Property | Description |
| AuthScheme | Specifies the type of authentication to use when connecting to Amazon S3. If this property is left blank, the default authentication is used. |
| AWSAccessKey | Specifies your AWS account access key. This value is accessible from your AWS security credentials page. |
| AWSSecretKey | Your AWS account secret key. This value is accessible from your AWS security credentials page. |
| AWSRoleARN | The Amazon Resource Name of the role to use when authenticating. |
| AWSPrincipalARN | The ARN of the SAML Identity provider in your AWS account. |
| AWSRegion | The hosting region for your Amazon Web Services. |
| AWSSessionToken | Your AWS session token. |
| AWSExternalId | A unique identifier that might be required when you assume a role in another account. |
| MFASerialNumber | The serial number of the MFA device if one is being used. |
| MFAToken | The temporary token available from your MFA device. |
| CredentialsLocation | The location of the settings file where MFA credentials are saved. |
| TemporaryTokenDuration | The amount of time (in seconds) a temporary token will last. |
| AWSCognitoRegion | The hosting region for AWS Cognito. |
| AWSUserPoolId | The User Pool Id. |
| AWSUserPoolClientAppId | The User Pool Client App Id. |
| AWSUserPoolClientAppSecret | Optional. The User Pool Client App Secret. |
| AWSIdentityPoolId | The Identity Pool Id. |
| AWSWebIdentityToken | The OAuth 2.0 access token or OpenID Connect ID token that is provided by an identity provider. |
| ServerSideEncryption | When activated, file uploads into Amazon S3 buckets will be server-side encrypted. |
| SSEContext | A BASE64-encoded UTF-8 string holding JSON which represents a string-string (key-value) map. |
| SSEEnableS3BucketKeys | Configuration to use an S3 Bucket Key at the object level when encrypting data with AWS KMS. Enabling this will reduce the cost of server-side encryption by lowering calls to AWS KMS. |
| SSEKey | A symmetric encryption KeyManagementService key, that is used to protect the data when using ServerSideEncryption. |
| Property | Description |
| User | The IDP user used to authenticate the IDP via SSO. |
| Password | The password used to authenticate the IDP user via SSO. |
| SSOLoginURL | The identity provider's login URL. |
| SSOProperties | Additional properties required to connect to the identity provider in a semicolon-separated list. |
| SSOExchangeUrl | The URL used for consuming the SAML response and exchanging it for service specific credentials. |
| Property | Description |
| SSLServerCert | Specifies the certificate to be accepted from the server when connecting using TLS/SSL. |
| Property | Description |
| FirewallType | Specifies the protocol the provider uses to tunnel traffic through a proxy-based firewall. |
| FirewallServer | Identifies the IP address, DNS name, or host name of a proxy used to traverse a firewall and relay user queries to network resources. |
| FirewallPort | Specifies the TCP port to be used for a proxy-based firewall. |
| FirewallUser | Identifies the user ID of the account authenticating to a proxy-based firewall. |
| FirewallPassword | Specifies the password of the user account authenticating to a proxy-based firewall. |
| Property | Description |
| ProxyAutoDetect | Specifies whether the provider checks your system proxy settings for existing proxy server configurations, rather than using a manually specified proxy server. |
| ProxyServer | The hostname or IP address of the proxy server that you want to route HTTP traffic through. |
| ProxyPort | The TCP port on your specified proxy server (set in the ProxyServer connection property) that has been reserved for routing HTTP traffic to and from the client. |
| ProxyAuthScheme | Specifies the authentication method the provider uses when authenticating to the proxy server specified in the ProxyServer connection property. |
| ProxyUser | The username of a user account registered with the proxy server specified in the ProxyServer connection property. |
| ProxyPassword | The password associated with the user specified in the ProxyUser connection property. |
| ProxySSLType | The SSL type to use when connecting to the proxy server specified in the ProxyServer connection property. |
| ProxyExceptions | A semicolon separated list of destination hostnames or IPs that are exempt from connecting through the proxy server set in the ProxyServer connection property. |
| Property | Description |
| Logfile | Specifes the file path to the log file where the provider records its activities, such as authentication, query execution, and connection details. |
| Verbosity | Specifies the verbosity level of the log file, which controls the amount of detail logged. Supported values range from 1 to 5. |
| LogModules | Specifies the core modules to include in the log file. Use a semicolon-separated list of module names. By default, all modules are logged. |
| MaxLogFileSize | Specifies the maximum size of a single log file in bytes. For example, '10 MB'. When the file reaches the limit, the provider creates a new log file with the date and time appended to the name. |
| MaxLogFileCount | Specifies the maximum number of log files the provider retains. When the limit is reached, the oldest log file is deleted to make space for a new one. |
| Property | Description |
| Location | Specifies the location of a directory containing schema files that define tables, views, and stored procedures. Depending on your service's requirements, this may be expressed as either an absolute path or a relative path. |
| BrowsableSchemas | Optional setting that restricts the schemas reported to a subset of all available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC . |
| Tables | Optional setting that restricts the tables reported to a subset of all available tables. For example, Tables=TableA,TableB,TableC . |
| Views | Optional setting that restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC . |
| Property | Description |
| CreateFoldersOnDownload | Automatically create the destination folder during execution of DownloadObjects Stored Procedure. |
| EncodeFilename | Determines if the local file path in DownloadObjects Stored Procedure should be encoded. |
| MaxRows | Specifies the maximum rows returned for queries without aggregation or GROUP BY. |
| MaxThreads | Specifies the number of concurrent requests. |
| Other | Specifies additional hidden properties for specific use cases. These are not required for typical provider functionality. Use a semicolon-separated list to define multiple properties. |
| PseudoColumns | Specifies the pseudocolumns to expose as table columns. Use the format 'TableName=ColumnName;TableName=ColumnName'. The default is an empty string, which disables this property. |
| RTK | Specifies the runtime key for licensing the provider. If unset or invalid, the provider defaults to the standard licensing method. Use this property only in environments where the standard licensing method is unsupported or requires a runtime key. |
| Timeout | Specifies the maximum time, in seconds, that the provider waits for a server response before throwing a timeout error. The default is 60 seconds. Set to 0 to disable the timeout. |
| UserDefinedViews | Specifies a filepath to a JSON configuration file defining custom views. The provider automatically detects and uses the views specified in this file. |