Configuring Authentication

Connections to DynamoDB require authentication. You must configure the Simba DynamoDB JDBC Driver to provide your AWS credentials and authenticate the connection to the database.

You can authenticate your connection by using a credentials file or by using access keys (an access key and a secret key).

Using a Credentials File

You can provide AWS credentials by using a special credentials file that contains the access keys and secret keys of multiple users.

For information about the format of a credentials file, see the "AWS Credentials File Format" section in the AWS SDK for Java Developer Guide: http://docs.aws.amazon.com/AWSSdkDocsJava/latest/DeveloperGuide/credentials.html#aws-credentials-file-format.

You provide this information to the connector in the connection URL. For more information about the syntax of the connection URL, see Building the Connection URL.

To configure authentication using a credentials file:

  1. Set the Region property to the AWS region to which you want to connect.
  2. Set the CredentialFilePath property to the full path of the AWS credentials file that you want to use.
  3. Set the ProfileName property to the name of the profile to use from the AWS credentials file.

For example:

jdbc:dynamodb:Host=dynamodb.us-west-1.amazonaws.com;Region=us-west-1;CredentialFilePath=C:\\Documents\\DynamoDB_JDBC_Credentials.txt;ProfileName=simba

Using Access Keys

You can provide an access key and a secret key to authenticate your connection. If you are using temporary credentials, then you must also provide either a session token or an Amazon Resource Name (ARN).

You provide this information to the connector in the connection URL. For more information about the syntax of the connection URL, see Building the Connection URL.

Note:

Temporary credentials are only valid for a limited amount of time. Contact your DynamoDB server administrator to get temporary credentials.

To configure authentication using access keys:

  1. Set the Region property to the AWS region to which you want to connect.
  2. Set the AccessKey property to your access key ID for connecting to the DynamoDB service.
  3. Set the SecretKey property to the secret access key corresponding to your access key ID.
  4. If you are using temporary credentials, then do one of the following:
    • Set the SessionToken property to your session token for accessing the DynamoDB service.
    • Or, set the Arn property to the ARN that you want the connector to use to retrieve your temporary credentials. Optionally, if you want the connector to retrieve temporary credentials for a specific role, also set the ExternalID property to the external ID for that role.

For example, when not using temporary credentials:

jdbc:dynamodb:Host=dynamodb.us-west-1.amazonaws.com;Region=us-west-1;AccessKey=ABCABCABC123ABCABC45;SecretKey=abCD+E1f2Gxhi3J4klmN/OP5QrSTuvwXYzabcdEF

Related topics