The content of this article has been moved into Looker’s technical documentation here.
Are there any plans to support using IAM Roles to connect to Athena instead of having to pass a hardcoded access key and secret key? Our machines running Looker run on EC2 with a role that already gives them access to Athena and it would be nice and safer if Looker could just use that.
It looks like you already got your answer from chat, but for the benefit of everyone else, this isn’t something we support right now but we’ve passed the feedback along!
Just added the “Feature Support” section to this article.
Since Looker has native connections to AWS Athena you may be interested in how best to leverage Athena and Looker. Using a columnar storage format is ket to optimized performance and lowers per query costs. If you are looking to get started with Athena, this may be of interest. It has automated the setup and optimization of data pipelines for Looker users, including converting data to Apache Parquet format.
If there is any interest, please let me know.
In looker version 5.20, the Athena driver has been upgraded to use the Athena JDBC API 4.2 (v2.0.2). The extra jdbc params setup in the looker connection will need to be updated to conform to the new connection URL construction:
See here for more details if needed to update custom JDBC configs or other specifics to your connection configuration.
Update to the comment above - The athena driver v2.0.5 is used in looker v5.22+. If you have the right policy attached to your athena user, you can add
;UseResultsetStreaming=1 to the end of your additional params in the connection setup to significantly improve the performance of large result set extraction (this parameter is set to 0 by default).