Let's configure the Open Table connection properties to connect to AWS Glue Catalog or Hive Metastore.
Before you begin
Before you get started, you will need to add the Amazon Athena or Hive JDBC driver to the Secure Agent machine and configure the authentication-specific prerequisites.
Permanent IAM Credentials authentication requires the access key and secret key values of the IAM user. Keep the access key and secret key handy before creating the connection. For more information about creating an access key and secret key, see the AWS documentation.
To configure Service Principal authentication, you need the Azure account name, client secret, client ID, and tenant ID for your application registered in the Azure Active Directory. Keep the Azure account name, client secret, client ID, and tenant ID handy before creating the connection. For more information about Azure account name, client secret, client ID, and tenant ID for your application, see the Microsoft Azure documentation.
Check out Prerequisites to learn more about how to configure policies and role to access Apache Iceberg or Delta Lake tables.
Open Table formats with associated catalog and storage types
You can choose the Open Table format that you want to use and its associated catalog type and storage type to interact with data.
The following table summarizes the Open Table formats that you can use, their catalog types, storage types, and the authentication options available for each storage type:
Open Table format
Catalog type
Storage type
Authentication type
Apache Iceberg
AWS Glue Catalog
Amazon S3
Permanent IAM Credentials authentication
Hive Metastore
Microsoft Azure Delta Lake Storage Gen2
Service Principal authentication
Delta Lake
AWS Glue Catalog
Amazon S3
Permanent IAM Credentials authentication
Connection details
The following table describes the Open Table connection properties:
Property
Description
Connection Name
Name of the connection.
Each connection name must be unique within the organization. Connection names can contain alphanumeric characters, spaces, and the following special characters: _ . + -,
Maximum length is 255 characters.
Description
Description of the connection. Maximum length is 4000 characters.
Type
Open Table
Use Secret Vault
Stores sensitive credentials for this connection in the secrets manager that is configured for your organization.
This property appears only if secrets manager is set up for your organization.
This property is not supported by Data Ingestion and Replication.
When you enable the secret vault in the connection, you can select which credentials that the Secure Agent retrieves from the secrets manager. If you don't enable this option, the credentials are stored in the repository or on a local Secure Agent, depending on how your organization is configured.
The name of the runtime environment where you want to run tasks.
Select a Secure Agent, Hosted Agent, or serverless runtime environment.
You cannot run a database ingestion task on a Hosted Agent or in a serverless runtime environment.
Open Table Format
The Open Table format that you want to use to read from or write data to a catalog.
Select Apache Iceberg or Delta Lake from the list.
Catalog types
You can select AWS Glue Catalog or Hive Metastore as the catalog type to manage the metadata of the Open Table format that you selected.
Select the catalog type that your Open Table format uses and then configure the catalog specific parameters.
AWS Glue Catalog
If the Apache Iceberg or Delta Lake Open Table format uses AWS Glue Catalog as the catalog type, configure the properties specific to AWS Glue Catalog.
The following table describes the property to configure AWS Glue Catalog:
For example, jdbc:athena://Region=us-west1;OutputLocation=s3://working/dir.
Hive Metastore
If the Apache Iceberg Open Table format uses Hive Metastore as the catalog type, configure the properties specific to Hive Metastore.
The Hive Metastore catalog type is available for preview.
Preview Notice: Preview functionality is supported for evaluation purposes but is unwarranted and is not supported in production environments or any environment that you plan to push to production. Informatica intends to include the preview functionality in an upcoming release for production use, but might choose not to in accordance with changing market or technical circumstances. Note that if you are working on a preview POD, all data is excluded from SOC 2 compliance coverage. For more information, contact Informatica Global Customer Support.
The following table describes the properties to configure Hive Metastore:
Property
Description
Hive Metastore URI
The Hive thrift server URL to connect to Hive Metastore.
Hive JDBC URL
The JDBC URL to connect to Hive4 server.
Hive User Name
The user name of your Hive account to connect to Hive Metastore.
Hive Password
The password of your Hive account to connect to Hive Metastore.
Storage types
You can choose Amazon S3 or Microsoft Azure Data Lake Storage Gen2 as the storage type to store the Open Table format tables.
Select the storage type and configure the storage specific authentication parameters.
Amazon S3 Storage
If you use AWS Glue Catalog as the catalog type, configure the properties specific to Amazon S3 Storage.
Select Permanent IAM Credentials authentication as the authentication type to access Open Table formats in Amazon S3 Storage.
Permanent IAM Credentials authentication
The following table describes the properties to configure Permanent IAM Credentials authentication:
Property
Description
Access Key
The key to access the AWS Glue Catalog.
Secret Key
The secret key to access the AWS Glue Catalog. The secret key is associated with the access key and uniquely identifies the account.
Microsoft Azure Data Lake Storage Gen2
If you use Hive Metastore as the catalog type, configure the properties specific to Microsoft Azure Data Lake Storage Gen2.
The Microsoft Azure Data Lake Storage Gen2 storage type is available for preview.
Preview Notice: Preview functionality is supported for evaluation purposes but is unwarranted and is not supported in production environments or any environment that you plan to push to production. Informatica intends to include the preview functionality in an upcoming release for production use, but might choose not to in accordance with changing market or technical circumstances. Note that if you are working on a preview POD, all data is excluded from SOC 2 compliance coverage. For more information, contact Informatica Global Customer Support.
Select Service Principal authentication as the authentication type to access Open Table formats in Microsoft Azure Data Lake Storage Gen2.
Service Principal authentication
The following table describes the properties to configure Service Principal authentication:
Property
Description
Azure Account Name
The name of the Microsoft Azure Data Lake Storage Gen2 account to stage the files.
Azure Client Secret
The client secret for your application.
Azure Client ID
The client ID of your application.
Enter the application ID or client ID for your application registered in the Azure Active Directory.
Azure Tenant ID
The directory ID or tenant ID for your application.