Querying Data in S3 with Amazon Athena

1 hour
  • 3 Learning Objectives

About this Hands-on Lab

This hands-on lab allows you to practice analyzing data stored in S3 using SQL queries in AWS Athena. Additionally, we use AWS Glue to reduce storage costs and increase the efficiency of query scans.

We’ll walk through an interactive query service which helps to analyze data for various AWS services, including CloudFront access logs. You create a table, load the data partitions, and query the data in the table using SQL.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create a Table from S3 Bucket Metadata
  1. Navigate to the Amazon Athena service:
    • Click Get Started if this is our first trip into Athena, otherwise continue to #2
  2. First, add an S3 location for your queries by clicking on the ‘Before you run your first query, you need to set up a query result location in Amazon S3.‘ link
  3. Paste in the S3 Bucket ARN we copied earlier, being sure to remove "arn:aws:s3:::" from the beginning of the data we paste in and including a trailling slash
  4. Once the S3 location is properly configured you will notice the Run query button has been made active.
  5. In the query editor paste the following query, then press Ctrl+Enter to run the query:
    CREATE database aws_service_logs
  6. Under Tables, select Create Table > from S3 bucket data.
  7. Step 1: Name and Location:
    • Database: aws_service_logs
    • Table: cf_access_optimized
    • Location: s3://Name of the generated S3 bucket/ (including trailing slash)
  8. Step 2: Data Format
    • Select Parquet
  9. Step 3: Columns
    • Bulk add columns using this data:
      time timestamp, location string, bytes bigint, requestip string, method string, host string, uri string, status int, referrer string, useragent string, querystring string, cookie string, resulttype string, requestid string, hostheader string, requestprotocol string, requestbytes bigint, timetaken double, xforwardedfor string, sslprotocol string, sslcipher string, responseresulttype string, httpversion string
  10. Step 4: Partitions
    • Column Name: year, Column Type: string
    • Column Name: month, Column Type: string
    • Column Name: day, Column Type: string
    • Click Create table
  11. Click Run query on the generated SQL statement. Ensure the S3 bucket location in the query matches the one generated in your lab environment.
Add Partition Metadata
  1. Open a new query tab
  2. Run the following query: MSCK REPAIR TABLE aws_service_logs.cf_access_optimized
  3. Verify the partitions were created with the following query: SELECT count(*) AS rowcount FROM aws_service_logs.cf_access_optimized. You should see 207535 rows present in the table.
  4. Run the following query: SELECT * FROM aws_service_logs.cf_access_optimized LIMIT 10
Query the Total Bytes Served in a Date Range
  1. Perform the following query:
    SELECT SUM(bytes) AS total_bytes
    FROM aws_service_logs.cf_access_optimized
    WHERE time BETWEEN TIMESTAMP '2018-11-02' AND TIMESTAMP '2018-11-03'
  2. Observe the value for total_bytes equals 87310409.

Additional Resources

Make sure you are in the us-east-1 region throughout this lab.

CloudFront access logs have been pre-generated for you as part of the lab, and the Glue transformation step is already done for you.

The optimized CloudFront access logs are stored in an S3 bucket in this lab environment, in a format called Apache Parquet. CloudFront raw access logs are stored in a CSV format called Web Distribution Log File Format.

When prompted to bulk add column definitions, you may use this data to save time:

time timestamp, location string, bytes bigint, requestip string, method string, host string, uri string, status int, referrer string, useragent string, querystring string, cookie string, resulttype string, requestid string, hostheader string, requestprotocol string, requestbytes bigint, timetaken double, xforwardedfor string, sslprotocol string, sslcipher string, responseresulttype string, httpversion string

Click here for more info on Glue and partitioning data.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?