๐Ÿ“œ Our Manifesto
๐Ÿงฐ Backup & Disaster Recovery
๐Ÿ‘จโ€๐Ÿ‘ฉโ€๐Ÿ‘งโ€๐Ÿ‘ฆ Customer Success & Supporty
๐Ÿ‘จโ€๐Ÿ‘ฉโ€๐Ÿ‘งโ€๐Ÿ‘ฆ Community

AWS Athena + Glue

Guide to deploying your AWS Athena query engine with an AWS Glue metastore on Atlan

๐Ÿ’ญ This article outlines the credential access requirements for AWS Athena with Glue.

Feel free to reach out to the Atlan team for guided sessions to help with your deployment.

๐Ÿ“œ Prerequisite: ๐Ÿ”‘ IAM user policy

These are the permissions required by the credentials holder to get query data using Athena from Atlan.

Please replace <data_bucket> with the S3 buckets where your data resides. If you are unsure add * in Resource section of the IAM policy.

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"athena:*"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"glue:CreateDatabase",
"glue:DeleteDatabase",
"glue:GetDatabase",
"glue:GetDatabases",
"glue:UpdateDatabase",
"glue:CreateTable",
"glue:DeleteTable",
"glue:BatchDeleteTable",
"glue:UpdateTable",
"glue:GetTable",
"glue:GetTables",
"glue:BatchCreatePartition",
"glue:CreatePartition",
"glue:DeletePartition",
"glue:BatchDeletePartition",
"glue:UpdatePartition",
"glue:GetPartition",
"glue:GetPartitions",
"glue:BatchGetPartition"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:ListBucketMultipartUploads",
"s3:ListMultipartUploadParts",
"s3:AbortMultipartUpload",
"s3:CreateBucket",
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::aws-athena-query-results-*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:ListBucket",
"s3:GetBucketLocation"
],
"Resource": [
"arn:aws:s3:::<data_bucket>",
"arn:aws:s3:::<data_bucket>/*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"sns:ListTopics",
"sns:GetTopicAttributes"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Resource": [
"*"
]
}
]
}

Create Atlan <> Athena connection

STEP 1: Select the query engine

Crawler Status
  1. Go to the crawler page for the respective integration.

  2. Click on the "Configure" button to configure the query engine.

  3. There are two options for the query engine: AWS Athena and Presto. Select "AWS Athena".

Query Engine

STEP 2: Provide credentials

  1. You will see an option to either select a preconfigured credential or create a credential. To set up a new connection, click on the "Create Credential" button.

  2. You will be required to fill in your Athena credentials.

  3. Once you have filled in those details, click on "Next".

  4. Your connection is now created.

Congratulations! You have now integrated Atlan with your Athena ๐ŸŽ‰