Datagrip + AWS Athena + SSO Profile
I am trying to use Athena with Datagrip but outside of the AWS Toolkit since it doesn't have Athena support yet. However using a regular profile with Access Key and Secret Access Key doesn't work anymore because the keys are rotated in our company and they asked me to use SSO profiles instead.
This is an error if I use User&Password:
I have configures `aws sso configure` to add profile that I normally use with AWS. In DataGrip I selected AWS Profile and specified:
User: <aws_access_key> or my email address
Profile: name of the config profile
But I keep getting this error:
Please sign in to leave a comment.
Hi,
The issue seems similar to DBE-23748. Please try the workaround mentioned in the ticket description, or upgrade to the 2025.3 EAP version, available via the Toolbox App or here. Note that the EAP includes some important changes, see A Farewell to Consoles.
Hi, I installed the EAP version but I am still getting error. Weirdly error mentioned profile “default” even though I used the profile name from my .aws/config file.
It's still not clear how to use it.
Authentication: AWS Profile
User: is it access key or email?
Profile: is it the profile from “credentials” or “config”
My Profile is called “DataEngineeringAccess”
Hi,
You can leave this field blank.
It should be the profile from ~/.aws/config (in your case, DataEngineeringAccess).
Could you try adding the following properties under the Advanced tab of the data source?
I should also add that for now, AWS SSO doesn't work out of the box in DataGrip - DBE-16041/Support-AWS-SSO. Here are some additional references that may be helpful:
If it still doesn't help, kindly upload the idea.log file (Help > Show Log in …) to https://uploads.jetbrains.com/ and share the upload ID.
Hi, I followed the above steps, and now i get below error :
Connection test failed: Could not get query execution ID: Unable to load SSO token
Could not get query execution ID: Unable to load SSO token
I am using Athena Driver ver 3.5.0
Any pointers for this error?
Hi Ajit Malik,
Please check if your ~/.aws/config contains the correct profile and run
aws sso login --profile <your profile>to check the SSO login state. If it does not help, share the idea.log file (Help > Show Log in …) by uploading it to https://uploads.jetbrains.com/ and specifying the upload ID.I got this working, and have feedback on the advice and how I got it working.
Environment
What I tried
Working configuration
Signed in beforehand with `aws sso login --profile platform-dev`. The relevant part of it is:
[profile platform-dev]
sso_start_url=https://d-9a671990ce.awsapps.com/start
sso_region=us-east-2
sso_account_id=905418337205
sso_role_name=AdministratorAccess
Then:
The AWS doc calls the property `ProfileName` (not `Profile`). Could the built-in driver template / validation be updated accordingly? See: AWS configuration profile credentials.
I have uploaded my `idea.log` and the upload ID is: `2025_10_13_7srVgTBBTPWi7vc6AvhodQ`.
Hi asim,
We plan to introduce some changes to how cloud databases are connected in DataGrip, starting with the upcoming 2025.3 release. The settings will be renamed in the new connection dialog and properly documented.
I have 2025.3 now and it is still not working with Athena. Great! Do you need me to list how many third party software and freeware already can?
All my expense AI (Cloude/gemini/grok) failed to reach the Athina from DataGrip in many-many attempts. Ok.. too much.. time to switch data IDE.
Serzhyale
Am I correct that you were attempting to connect to your Athena data source by attaching it from the AI Assistant? Please provide more details about the issue you're experiencing