Connect to Amazon Athena via Azure AD Authentication Using JDBC

Connecting to Amazon Athena via Azure AD Authentication requires the Simba Athena JDBC driver. Make sure to get the latest version of the driver. Support for Azure AD was added in May of 2021. If connecting via RazorSQL, RazorSQL can automatically download and configure the Simba JDBC driver for you in the Add Connection Wizard tool.

In order to connect to Athena via Azure AD, the following connection properties are needed. If connecting via RazorSQL (Connections -> Add Connection Profile -> Select Amazon Athena and click Continue), fill in the Athena specific property values on the main connection wizard screen. Click the "Configure" button next to the Conn. Properties field to add the Azure AD Specific properties.

Athena specific properties:

  • AWSRegion - This is the AWS region your database resides in, for example, us-east1
  • S3OutputLocation - This is the S3 bucket with your data

Azure AD specific properties:

  • User or UID - The email address you use to access the Azure AD server
  • Password or PWD - The Azure AD password
  • AwsCredentialsProviderClass - Use com.simba.athena.iamsupport.plugin.AzureCredentialsProvider
  • tenant_id - The Azure AD unique id for your Athena application
  • client_id - The Azure AD client id
  • client_secret - The Azure AD client secret

If manually connecting to Athena, below is an example JDBC URL to connect to Athena and authenticate via Azure AD.