Node.js からAthena Data をクエリ

API Server は、データを外部に公開します。CData API Server のOData エンドポイントを使って、Node.js からAthena data へのCRUD クエリを実行します。

CData API Server とADO.NET Provider for Athena(もしくは200+ の他のADO.NET Providers)を使って、Athena をOData エンドポイントして公開し、Node.js からシンプルなHTTP リクエストでクエリを実現します。本記事ではAPI Server を使ってJSON でフォーマットされたAthena データをNode.js でリクエストする方法を説明します。

Set Up the API Server

Follow the steps below to begin producing secure Athena OData services:

Deploy

The API Server runs on your own server. On Windows, you can deploy using the stand-alone server or IIS. On a Java servlet container, drop in the API Server WAR file. See the help documentation for more information and how-tos.

The API Server is also easy to deploy on Microsoft Azure, Amazon EC2, and Heroku.

Connect to Athena

After you deploy the API Server and the ADO.NET Provider for Athena, provide authentication values and other connection properties needed to connect to Athena by clicking Settings -> Connections and adding a new connection in the API Server administration console.

Amazon Athena への接続

Amazon Athena リクエストの認証には、アカウントの管理のクレデンシャルか、IAM ユーザーのカスタムPermission を設定します。 AccessKey にAccess Key Id、SecretKey にはSecret Access Key を設定します。

Note: AWS アカウントアドミニストレータとしてアクセスできる場合でも、AWS サービスへの接続にはIAM ユーザークレデンシャルを使用することが推奨されます。

Access Key の取得

IAM ユーザーのクレデンシャル取得は以下の通り:

  1. IAM コンソールにログイン
  2. Navigation ペインでUsers を選択。
  3. To create or manage the access keys for a user, select the user and then select the Security Credentials tab.

To obtain the credentials for your AWS root account, follow the steps below:

  1. Sign into the AWS Management console with the credentials for your root account.
  2. Select your account name or number and select My Security Credentials in the menu that is displayed.
  3. Click Continue to Security Credentials and expand the Access Keys section to manage or create root account access keys.

Authenticating from an EC2 Instance

If you are using the CData Data Provider for Amazon Athena 2018 from an EC2 Instance and have an IAM Role assigned to the instance, you can use the IAM Role to authenticate. To do so, set UseEC2Roles to true and leave AccessKey and SecretKey empty. The CData Data Provider for Amazon Athena 2018 will automatically obtain your IAM Role credentials and authenticate with them.

Authenticating as an AWS Role

In many situations it may be preferable to use an IAM role for authentication instead of the direct security credentials of an AWS root user. An AWS role may be used instead by specifying the RoleARN. This will cause the CData Data Provider for Amazon Athena 2018 to attempt to retrieve credentials for the specified role. If you are connecting to AWS (instead of already being connected such as on an EC2 instance), you must additionally specify the AccessKey and SecretKey of an IAM user to assume the role for. Roles may not be used when specifying the AccessKey and SecretKey of an AWS root user.

Authenticating with MFA

For users and roles that require Multi-factor Authentication, specify the MFASerialNumber and MFAToken connection properties. This will cause the CData Data Provider for Amazon Athena 2018 to submit the MFA credentials in a request to retrieve temporary authentication credentials. Note that the duration of the temporary credentials may be controlled via the TemporaryTokenDuration (default 3600 seconds).

Connecting to Amazon Athena

In addition to the AccessKey and SecretKey properties, specify Database, S3StagingDirectory and Region. Set Region to the region where your Amazon Athena data is hosted. Set S3StagingDirectory to a folder in S3 where you would like to store the results of queries.

If Database is not set in the connection, the data provider connects to the default database set in Amazon Athena.

You can then choose the Athena entities you want to allow the API Server access to by clicking Settings -> Resources.

Authorize API Server Users

After determining the OData services you want to produce, authorize users by clicking Settings -> Users. The API Server uses authtoken-based authentication and supports the major authentication schemes. Access can also be restricted based on IP address; all IP addresses except the local machine are restricted by default. You can authenticate as well as encrypt connections with SSL.

Consume Athena OData Feeds from Node.js

OData feeds are easy to work with in Node.js. You can use the HTTP client in Node.js to request JSON-formatted data from the API Server's OData endpoint. After making the request, you can construct the body of the response and call the JSON.parse() function to parse it into records.

The code below will make an authenticated request for Customers data. The example URL below applies a simple filter that searches for records with a value of 12345 in the CustomerId column.

var http = require('http'); http.get({ protocol: "http:", hostname: "MyServer.com", port: MyPort, path: "/api.rsc/Customers?$filter=" + encodeURIComponent("CustomerId eq '12345'"), auth: 'MyUser:MyAuthtoken' }, function(res) { var body = ''; res.on('data', function(chunk) { body += chunk; }); res.on('end', function() { console.log(body); var jsonData = JSON.parse(body); }); }).on('error', function(e) { console.log("Error: ", e); });
 
 
ダウンロード