FEAT: Databricks connector (#133)

* Databricks connector - Module skeleton (#106)

* Init commit

Java module

Move src

Test file

minimise dep

Minimise dep

Update changes

Import driver

Update code

Update connection string

Update header

* Folder restrcuture

* Update tests

* Update Java doc

* POM refactor

* Update Readme

* Databricks Connector - Deployment Instruction (#107)

* SAM template

# Conflicts:
#	connectors/athena-databricks-connector/athena-databricks-connector.yaml

* Update template

* Update docker file

* Update doc

* Update doc

* Update doc

* Update doc

* Update doc

* Databricks Connector - Metadatahandler (#108)

* Update jdbc

* Ignore git module changes

Remove un compatible query

Update API signature

Update metadataHandler

Update metdata

Update wording

* Update doc

* Databricks connector - RecordHandler impelementation (#110)

* Init commit

Java module

Move src

Test file

minimise dep

Minimise dep

Update changes

Import driver

Update code

Update connection string

Update header

* Folder restrcuture

# Conflicts:
#	.gitmodules
#	connectors/athena-databricks-connector/pom.xml
#	connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksCompositeHandler.java
#	connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksEnvironmentProperties.java
#	connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksMetadataHandler.java
#	connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksRecordHandler.java

* Update tests

* SAM template

# Conflicts:
#	connectors/athena-databricks-connector/athena-databricks-connector.yaml

* Update doc

* Impl - Record handler

Working copy

Testable contructor

Unit test

Update record

Make fetch size configable

Update fetch size

Update doc

Update pushdown support

Unit test

* Update connectors/athena-databricks-connector/README.md

Co-authored-by: Andrew Carbonetto <andrew.carbonetto@improving.com>

* Update doc

# Conflicts:
#	connectors/athena-databricks-connector/README.md

---------

Co-authored-by: Andrew Carbonetto <andrew.carbonetto@improving.com>

* Notebook: Databricks connector (#128)

* Init commit

Java module

Move src

Test file

minimise dep

Minimise dep

Update changes

Import driver

Update code

Update connection string

Update header

* Folder restrcuture

# Conflicts:
#	.gitmodules
#	connectors/athena-databricks-connector/pom.xml
#	connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksCompositeHandler.java
#	connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksEnvironmentProperties.java
#	connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksMetadataHandler.java
#	connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksRecordHandler.java

* Update tests

* SAM template

# Conflicts:
#	connectors/athena-databricks-connector/athena-databricks-connector.yaml

* Update doc

* Databricks notebook

Update notebook

Update notebook

Update dep

Update notebook

* Update notebook

* Update testcase

* Update notebooks/import_databricks_demo.ipynb

Co-authored-by: Andrew Carbonetto <andrew.carbonetto@improving.com>

* Update notebooks/import_databricks_demo.ipynb

Co-authored-by: Andrew Carbonetto <andrew.carbonetto@improving.com>

* Update notebooks/import_databricks_demo.ipynb

Co-authored-by: Andrew Carbonetto <andrew.carbonetto@improving.com>

* Update notebooks/import_databricks_demo.ipynb

Co-authored-by: Andrew Carbonetto <andrew.carbonetto@improving.com>

* Update notebooks/import_databricks_demo.ipynb

Co-authored-by: Andrew Carbonetto <andrew.carbonetto@improving.com>

* Update doc

* Make NEV optional

---------

Co-authored-by: Andrew Carbonetto <andrew.carbonetto@improving.com>
# Conflicts:
#	pyproject.toml

* Databricks connector: Deployment instruction fixes (#130)

* Init commit

Java module

Move src

Test file

minimise dep

Minimise dep

Update changes

Import driver

Update code

Update connection string

Update header

* Folder restrcuture

# Conflicts:
#	.gitmodules
#	connectors/athena-databricks-connector/pom.xml
#	connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksCompositeHandler.java
#	connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksEnvironmentProperties.java
#	connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksMetadataHandler.java
#	connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksRecordHandler.java

* Update tests

* SAM template

# Conflicts:
#	connectors/athena-databricks-connector/athena-databricks-connector.yaml

* Update doc

* Databricks notebook

Update notebook

Update notebook

Update dep

Update notebook

* Update testcase

* Update jdbc string

Update default option

Update log stmt

Reorder parameters

Minimise diff

* Update example host name

* Update notebook

* Connector: Directory restructure (#132)

* Move s3 vector

* Update path

* Misc update

* Update pyproject.toml

Co-authored-by: mykola-pereyma <pereymam@amazon.com>

* Update connectors/athena-databricks-connector/src/main/resources/log4j2.xml

Co-authored-by: mykola-pereyma <pereymam@amazon.com>

* Update connectors/athena-databricks-connector/Dockerfile

Co-authored-by: mykola-pereyma <pereymam@amazon.com>

* Update connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksCompositeHandler.java

Co-authored-by: mykola-pereyma <pereymam@amazon.com>

* Update connectors/athena-databricks-connector/athena-databricks-connector.yaml

Co-authored-by: mykola-pereyma <pereymam@amazon.com>

* Update connectors/athena-databricks-connector/README.md

Co-authored-by: mykola-pereyma <pereymam@amazon.com>

* Update connectors/athena-databricks-connector/src/main/java/com/amazonaws/athena/connectors/databricks/DatabricksRecordHandler.java

Co-authored-by: mykola-pereyma <pereymam@amazon.com>

* Fix notebook

* Update github action

* Update doc

* Update python

* Update java

* Update py test

---------

Co-authored-by: Andrew Carbonetto <andrew.carbonetto@improving.com>
Co-authored-by: mykola-pereyma <pereymam@amazon.com>

Author: 3 people

.github/dependabot.yml

@@ -5,7 +5,11 @@ updates:
     schedule:
       interval: "weekly"
   - package-ecosystem: "maven"
-    directory: "/athena-s3vector-connector"
+    directory: "/connectors/athena-databricks-connector"
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "maven"
+    directory: "/connectors/athena-s3vector-connector"
     schedule:
       interval: "weekly"
   - package-ecosystem: "pip"

.github/workflows/athena-databricks-connector.yml

@@ -0,0 +1,36 @@
+name: Databricks Connector CI
+
+on:
+  pull_request:
+    paths:
+      - 'connectors/athena-databricks-connector/**'
+  push:
+    branches:
+      - main
+    paths:
+      - 'connectors/athena-databricks-connector/**'
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        java-version: [ '11', '17' ]
+    env:
+      AWS_REGION: us-west-2
+      AWS_DEFAULT_REGION: us-west-2
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          submodules: true
+      - name: Set up JDK ${{ matrix.java-version }}
+        uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
+        with:
+          distribution: 'corretto'
+          java-version: ${{ matrix.java-version }}
+      - name: Build with Maven
+        run: mvn install -Dcheckstyle.skip=true
+        working-directory: connectors/athena-databricks-connector

.github/workflows/athena-s3vector-connector.yml

@@ -3,12 +3,12 @@ name: Java CI Push
 on:
   pull_request:
     paths:
-      - 'athena-s3vector-connector/**'
+      - 'connectors/athena-s3vector-connector/**'
   push:
     branches:
       - main
     paths:
-      - 'athena-s3vector-connector/**'
+      - 'connectors/athena-s3vector-connector/**'
 
 permissions:
   contents: read
@@ -31,4 +31,4 @@ jobs:
           java-version: ${{ matrix.java-version }}
       - name: Build with Maven
         run: mvn install
-        working-directory: athena-s3vector-connector
+        working-directory: connectors/athena-s3vector-connector

.gitignore

@@ -171,6 +171,7 @@ cython_debug/
 #  and can be added to the global gitignore or merged into this file.  For a more nuclear
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
 .idea/
+*.iml
 nx-neptune/
 
 
@@ -183,5 +184,6 @@ nx-neptune/
 
 # Java
 .jqwik-database
+dependency-reduced-pom.xml
 
 

.gitmodules

@@ -0,0 +1,4 @@
+[submodule "connectors/aws-athena-query-federation"]
+	path = connectors/aws-athena-query-federation
+	url = https://github.com/awslabs/aws-athena-query-federation.git
+	ignore = dirty

connectors/README.md

@@ -0,0 +1,66 @@
+# Athena Connectors
+
+This directory contains Athena federated query connectors and their shared dependencies.
+
+## Structure
+
+```
+connectors/
+├── pom.xml                              # Parent POM (multi-module build)
+├── aws-athena-query-federation/         # Git submodule (pinned to specific version)
+│   └── athena-jdbc/                     # JDBC base module used by Databricks connector
+├── athena-databricks-connector/         # Databricks Unity Catalog connector
+└── athena-s3vector-connector/           # S3 Vector connector
+```
+
+## Why the Submodule?
+
+The `athena-databricks-connector` depends on the `athena-jdbc` module from the [AWS Athena Query Federation SDK](https://github.com/awslabs/aws-athena-query-federation). This module provides base classes for JDBC-based connectors (`JdbcMetadataHandler`, `JdbcRecordHandler`, connection management, etc.).
+
+The `athena-jdbc` module is **not published to Maven Central**, so it cannot be pulled as a regular Maven dependency. The submodule allows us to build it from source as part of the multi-module Maven build, without copying source files into our repository.
+
+## Build
+
+From the repository root:
+
+```bash
+# Initialize submodule (first time or after clone)
+git submodule update --init
+
+# Build all modules
+mvn -f connectors/pom.xml clean package -DskipTests
+
+# Build only the Databricks connector (uses cached athena-jdbc from .m2)
+mvn -f connectors/pom.xml package -DskipTests -pl :athena-databricks-connector
+
+# Build Databricks connector + its dependencies
+mvn -f connectors/pom.xml package -DskipTests -pl :athena-databricks-connector -am
+```
+
+## Updating the Federation SDK Version
+
+1. Check available tags:
+   ```bash
+   cd connectors/aws-athena-query-federation
+   git fetch --tags
+   git tag | grep v2026
+   ```
+
+2. Checkout the desired version:
+   ```bash
+   git checkout v2026.12.0
+   cd ../..
+   ```
+
+3. Update the `athena-sdk.version` property in `athena-databricks-connector/pom.xml` to match.
+
+4. Commit the submodule update:
+   ```bash
+   git add connectors/aws-athena-query-federation
+   git commit -m "Bump federation-sdk to v2026.12.0"
+   ```
+
+5. Rebuild to verify:
+   ```bash
+   mvn -f connectors/pom.xml clean package -DskipTests
+   ```

connectors/athena-databricks-connector/Dockerfile

@@ -0,0 +1,8 @@
+ARG JAVA_VERSION=11
+FROM public.ecr.aws/lambda/java:${JAVA_VERSION}
+
+ARG JAR_VERSION=0.1.0
+COPY target/athena-databricks-connector-${JAR_VERSION}.jar ${LAMBDA_TASK_ROOT}
+RUN jar xf ${LAMBDA_TASK_ROOT}/athena-databricks-connector-${JAR_VERSION}.jar
+
+CMD ["com.amazonaws.athena.connectors.databricks.DatabricksCompositeHandler"]

athena-s3vector-connector/LICENSE.txt …/athena-databricks-connector/LICENSE.txtathena-s3vector-connector/LICENSE.txt renamed to connectors/athena-databricks-connector/LICENSE.txt athena-s3vector-connector/LICENSE.txt renamed to connectors/athena-databricks-connector/LICENSE.txt

@@ -0,0 +1,185 @@
+## Athena Databricks Connector
+
+This connector enables Amazon Athena to query data stored in Databricks Unity Catalog using JDBC. It allows you to perform federated queries on Databricks tables directly from Athena.
+
+## Connector Status: Preview
+
+The Databricks Athena connector is currently in **preview** and available only as source code for building locally. This is not a production-ready release.
+
+We welcome questions, suggestions, and contributions from the community.
+
+## What is the Databricks Connector?
+
+The Databricks Connector is a JDBC-based Athena federated query connector that enables querying data in Databricks Unity Catalog. It implements both metadata and record handling capabilities to:
+
+1. Provide schema information about Databricks databases, tables, and columns
+2. Read data from Databricks tables for query processing via JDBC
+3. Authenticate using personal access tokens stored in AWS Secrets Manager
+
+The connector consists of:
+
+- **DatabricksMetadataHandler**: Handles metadata operations (list schemas, tables, get table definitions, partitions, and splits)
+- **DatabricksRecordHandler**: Handles data reading operations from Databricks via JDBC
+- **DatabricksCompositeHandler**: Combines both handlers into a single Lambda function
+
+## Prerequisites
+
+Before deploying this connector, ensure you have:
+
+- [Proper permissions/policies to deploy/use Athena Federated Queries](https://docs.aws.amazon.com/athena/latest/ug/federated-query-iam-access.html)
+- An S3 bucket for spilling large query results
+- A Databricks workspace with Unity Catalog enabled
+- A Databricks personal access token stored in AWS Secrets Manager
+- Athena workgroup configured to use Athena Engine Version 3
+
+## How To Deploy
+
+### Build the Connector
+
+From the repository root, initialize the submodule and build:
+
+```bash
+git submodule update --init
+mvn clean package -DskipTests -f connectors/pom.xml
+```
+
+The parent POM builds the `athena-jdbc` dependency from the submodule first, then the Databricks connector.
+
+### Deploy Using SAM CLI
+
+```bash
+sam build -t connectors/athena-databricks-connector/athena-databricks-connector.yaml && \
+sam deploy --guided -t connectors/athena-databricks-connector/athena-databricks-connector.yaml
+```
+
+### CloudFormation Parameters
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| AthenaCatalogName | Lambda function name (must match pattern: `^[a-z0-9-_]{1,64}$`) | databricks |
+| SpillBucket | S3 bucket name for spilling data (bucket name only, not URI or ARN) | Required |
+| SpillPrefix | Prefix within SpillBucket | athena-spill |
+| LambdaTimeout | Maximum Lambda invocation runtime (1-900 seconds) | 900 |
+| LambdaMemory | Lambda memory in MB (128-3008) | 1024 |
+| DatabricksHost | Databricks workspace hostname (e.g. `dbc-59ed3753-5cf0.cloud.databricks.com`) | Required |
+| SecretName | Name of the Secrets Manager secret containing the Databricks personal access token | Required |
+| DatabricksDefaultDatabase | Default Databricks Unity Catalog database (catalog.schema) | default |
+| DatabricksFetchSize | Number of rows fetched per JDBC round trip | 10000 |
+| EnableArrow | Enable Arrow-based result serialization (Cloud Fetch). Requires more Lambda memory | 0 |
+| DisableSpillEncryption | Disable encryption for spilled data | false |
+
+### Update Lambda Function
+
+For subsequent code updates after initial deployment, build and push the Docker image manually:
+
+```bash
+cd connectors && mvn clean package -DskipTests && \
+cd athena-databricks-connector && \
+finch build -t databricks-connector . && \
+finch tag databricks-connector:latest <account-id>.dkr.ecr.<region>.amazonaws.com/<repo-name>:latest && \
+finch push <account-id>.dkr.ecr.<region>.amazonaws.com/<repo-name>:latest && \
+aws lambda update-function-code \
+  --function-name databricks \
+  --image-uri <account-id>.dkr.ecr.<region>.amazonaws.com/<repo-name>:latest \
+  --region <region>
+```
+
+## Secrets Manager Configuration
+
+The connector authenticates with Databricks using a personal access token (PAT) stored in AWS Secrets Manager. The token is retrieved at runtime by the Federation SDK — it is never embedded in code or environment variables.
+### Security Best Practices
+
+We recommend storing your Databricks personal access token in AWS Secrets Manager rather than as a plaintext Lambda environment variable. Reference the secret ARN in the `DATABRICKS_TOKEN` environment variable using dynamic references:
+
+    {{resolve:secretsmanager:your-secret-name:SecretString:token}}
+### How it works
+
+The connector's JDBC connection string contains a `${secret-name}` placeholder. At runtime, the SDK:
+
+1. Extracts the secret name from the placeholder
+2. Calls Secrets Manager to retrieve the secret value
+3. Injects the `username` and `password` into the JDBC connection properties
+4. Strips the placeholder from the URL before connecting
+
+### Create the secret
+
+The secret must be a JSON object with `username` and `password` fields. For Databricks PAT auth, the username is always `token`:
+
+```bash
+aws secretsmanager create-secret \
+  --name my-databricks-secret \
+  --secret-string '{"username": "token", "password": "<your-databricks-personal-access-token>"}' \
+  --region <region>
+```
+
+### Update the secret
+
+To rotate or update the token:
+
+```bash
+aws secretsmanager put-secret-value \
+  --secret-id my-databricks-secret \
+  --secret-string '{"username": "token", "password": "<new-token>"}' \
+  --region <region>
+```
+
+No redeployment needed — the connector reads the secret on each invocation.
+
+## Run Queries
+
+Once deployed, query Databricks data through Athena:
+
+```sql
+-- List schemas
+SHOW DATABASES in `lambda:databricks`;
+     
+-- List tables in a schema
+SHOW TABLES in `lambda:databricks`.default;
+
+-- Describe table layout (column names and types)
+SHOW COLUMNS IN `lambda:databricks`.default.test_table
+
+-- Query a table
+SELECT * FROM `lambda:databricks`."default"."your_table" LIMIT 10;
+```
+
+You can run queries from the Athena console or the AWS CLI:
+
+```bash
+# Start a query
+aws athena start-query-execution \
+  --query-string 'SELECT * FROM `lambda:databricks`."default"."your_table" LIMIT 10' \
+  --work-group primary \
+  --region <region>
+
+# Fetch results (use the QueryExecutionId from the previous command)
+aws athena get-query-results \
+  --query-execution-id <query-execution-id> \
+  --region <region>
+```
+
+## JDBC Driver Configuration
+
+### Arrow and Cloud Fetch (Default: Disabled)
+
+The Databricks JDBC driver supports [Cloud Fetch](https://docs.databricks.com/en/integrations/jdbc/capability.html#cloud-fetch-in-jdbc), which downloads query results as ~20MB Arrow-serialized chunks in parallel from DBFS. While this is faster than row-by-row streaming, each in-flight chunk consumes Lambda memory. With the default thread pool of 16, this can easily exceed Lambda's memory limit (1–3GB) on large result sets.
+
+This connector disables Arrow by default (`EnableArrow=0`) so results stream row-by-row via Thrift instead. Memory usage is bounded by `DatabricksFetchSize` (default: 10,000 rows per JDBC round trip).
+
+To re-enable Cloud Fetch for higher throughput, set the `EnableArrow` parameter to `1` during deployment. You may also need to increase `LambdaMemory` to accommodate the larger in-flight buffers.
+
+### Fetch Size (Default: 10,000)
+
+`DatabricksFetchSize` controls how many rows the JDBC driver buffers per round trip. Higher values reduce network round trips but use more memory. The default of 10,000 is safe for Lambda at 1GB with typical row sizes (~1KB). Lower it for tables with very wide rows.
+
+## Troubleshooting
+
+- **No partitioning support**: All data is read in a single split. For large tables, use `LIMIT` or `WHERE` clauses to avoid Lambda timeout or out-of-memory errors.
+- **Check Lambda Logs**: `aws logs tail /aws/lambda/databricks --follow --format short --region <region>`
+- **Verify Permissions**: Ensure the Lambda execution role has access to Secrets Manager and the spill bucket
+
+## Additional Resources
+
+- [Athena Federated Query Documentation](https://docs.aws.amazon.com/athena/latest/ug/connect-to-a-data-source.html)
+- [AWS Athena Query Federation SDK](https://github.com/awslabs/aws-athena-query-federation)
+- [Databricks JDBC Driver](https://docs.databricks.com/aws/en/integrations/jdbc-oss/)