Hi everyone,
We often get questions on integrations and in this post you can find several technologies that Ataccama can connect to, the prerequisites for integration, key rules to follow, and fundamental troubleshooting steps.
π Understanding these aspects ensures a smoother deployment and operation, minimizing potential integration issues. By following the guidelines provided, you can efficiently prepare your environment, meet technical requirements, and troubleshoot common challenges, ensuring seamless connectivity with Ataccama solutions.
Ataccama comes with a set of default connections that work out of the box without requiring additional configuration. These connections include the most commonly used databases, cloud storage solutions, and other data sources, all pre-configured with the necessary drivers.
For the majority of default connections, no manual setup is required β Ataccama automatically includes and manages the appropriate JDBC or API drivers, ensuring seamless integration.
For most use cases, default connections provide a plug-and-play experience, allowing users to quickly establish connectivity without additional effort.
Ataccama out-of-the-box sources π¦
ONE Data
π Datasources: Relational Databases - JDBC Connections
Create in Catalogue Items β Sources
MS SQL Serverπ
Ataccama supports connecting to Microsoft SQL Server, whether it is a standalone on-premises instance or a cloud-based service like Azure SQL Database or Azure Synapse Analytics.
For datasource connection, network access must be configured to allow connections via TCP/IP, typically on port 1433. Cloud-hosted instances may require additional firewall rules, private endpoints, or VPN access depending on security policies.
Port to open: 1433
Driver: provided mssql-jdbc-*.jar with mssqlLibs out-of-the-box within drivers.zip package
JDBC String pattern: jdbc:sqlserver://<hostname>:<port>;databaseName=<database>;encrypt=true;trustServerCertificate=true
Authentication options:
Username and password- A username and password are required to establish a connection to the JDBC datasource. Credentials are provided in the Ataccama UI and stored securely. A read-only user is sufficient, as Ataccama never writes back to the clientβs datasource.Integrated credentials- AD Authentication via Kerberos - Confirm with your Ataccama representative for more details on the connection setup.
Azure Synapse Analyticsπ
Azure Synapse Analytics (formerly SQL Data Warehouse) uses TCP port 1433 for JDBC connections. It requires access to the Synapse workspace endpoint, authentication via Azure AD, SQL authentication, or Managed Identity, and proper firewall/VNet rules to allow access from approved IPs or Azure services.
Port to open: 1433
Driver: provided mssql-jdbc-*.jar with mssqlLibs out-of-the-box within drivers.zip package
JDBC String pattern: jdbc:sqlserver://<hostname>:<port>;databaseName=<database>;encrypt=true;trustServerCertificate=true
Authentication options:
-
Username and password- A username and password are required to establish a connection to the JDBC datasource. Credentials are provided in the Ataccama UI and stored securely. A read-only user is sufficient, as Ataccama never writes back to the clientβs datasource.
Oracleπ
For on-premises deployments, connections typically use TCP/IP with the Oracle Listener service, often running on port 1521. Cloud-based instances may require configuring security lists, private endpoints, or VPN access to allow external connections.
Port to open: 1521
Driver: provided ojdbc8-*.jar with ORACLElIBS out-of-the-box within drivers.zip package
JDBC String pattern: jdbc:oracle:thin:@<hostname>:<port>:<sid>
Authentication options:
-
Username and password- A username and password are required to establish a connection to the JDBC datasource. Credentials are provided in the Ataccama UI and stored securely. A read-only user is sufficient, as Ataccama never writes back to the clientβs datasource.
PostgreSQL (Amazon Aurora PostgreSQL, Amazon RDS PostgreSQL, Azure Service for PostgreSQL, Google Service for PostgreSQL) π
Ataccama supports connections to PostgreSQL, including on-premises instances, managed cloud services (such as AWS RDS, Azure Database for PostgreSQL, and Google Cloud SQL), and self-hosted deployments.
For standalone deployments, a connection may require adjustments to the pg_hba.conf and postgresql.conf files to allow remote access.
Cloud-based services may require whitelisting IP addresses, configuring VPC settings, or enabling SSL connections depending on security policies.
PostgreSQL typically listens on port 5432.
Port to open: 5432
Driver: provided postgresql-*.jar out-of-the-box within drivers.zip package
JDBC String pattern: jdbc:postgresql://<hostname>:<port>/<database>
Authentication options:
-
Username and password- A username and password are required to establish a connection to the JDBC datasource. Credentials are provided in the Ataccama UI and stored securely. A read-only user is sufficient, as Ataccama never writes back to the clientβs datasource.
MariaDB π
MariaDB uses the MySQL protocol and typically listens on port 3306.
For self-hosted or on-premises deployments, remote access may require modifying the bind-address setting in the MariaDB configuration and updating user privileges to allow external connections.
For cloud-based services, additional configurations such as IP whitelisting, VPC settings, or SSL enforcement may be required, depending on the security policies of the hosting provider.
Port to open: 3306
Driver: provided mariadb-java-client-*.jar out-of-the-box within drivers.zip package
JDBC String pattern: jdbc:mariadb://<hostname>:<port>/<database>
Authentication options:
-
Username and password- A username and password are required to establish a connection to the JDBC datasource. Credentials are provided in the Ataccama UI and stored securely. A read-only user is sufficient, as Ataccama never writes back to the clientβs datasource.
Teradataπ
Ataccama supports connections to Teradata, which is primarily used as an enterprise data warehouse (EDW) and can be deployed on-premises or as a cloud-based service via Teradata Vantage (available on AWS, Azure, and Google Cloud).
Teradata uses the Teradata SQL Engine and typically communicates via JDBC. The default port for connections is 1025 for JDBC access.
Teradata uses the Teradata SQL Engine and supports JDBC connections, which typically communicate over port 1025.
For on-premises Teradata, network access must be configured to allow external JDBC connections. For Teradata Vantage (Cloud), additional configurations such as SSL encryption, IAM roles, and IP whitelisting may be required.
Port to open: 1025
Driver: provided terajdbc-*.jar out-of-the-box within drivers.zip package
JDBC String pattern: jdbc:teradata://<hostname>/database=<database>,charset=UTF8
Authentication options:
-
Username and password- A username and password are required to establish a connection to the JDBC datasource. Credentials are provided in the Ataccama UI and stored securely. A read-only user is sufficient, as Ataccama never writes back to the clientβs datasource.
Amazon Redshift π
Amazon Redshift uses TCP port 5439 by default and supports connections over JDBC. It requires access to the cluster's VPC security group and subnet settings, ensuring inbound rules allow connections from permitted IPs or VPCs. Redshift can be accessed via public or private endpoints, and for cross-region or external access, AWS PrivateLink or VPC peering may be required.
Port: 5439
Driver: provided redshift-jdbc*.jar out-of-the-box within drivers.zip package
JDBC String pattern: jdbc:redshift://<hostname>:<port>/<database>
Authentication options:
-
Username and password- A username and password are required to establish a connection to the JDBC datasource. Credentials are provided in the Ataccama UI and stored securely. A read-only user is sufficient, as Ataccama never writes back to the clientβs datasource.
Snowflake π
Snowflake uses TCP port 443 for secure connections over HTTPS and supports JDBC/ODBC drivers. It requires network policies to allow access from permitted IPs or PrivateLink for VPC integration. Depending on deployment (AWS, Azure, GCP), additional networking settings like egress rules or firewall configurations may be needed.
Port: 443
Driver: provided snowflake-jdbc-*.jar out-of-the-box within drivers.zip package
JDBC String pattern: jdbc:snowflake://<account_identifier>.snowflakecomputing.com/?db=<database>&schema=<schema>&warehouse=<warehouse>&role=<role>
Pushdown processing: To process Data Quality evaluation entirely using a warehouse cluster. When query pushdown processing is completed, only Data Quality results and invalid data samples are returned to ONE platform.
Authentication options:
-
Username and password- Is basically a Snowflake JWT (Private Key) method, a username and password in combination with Snowflake JWT authentication is supported-
Configuration details
Official Ataccama documentation: https://docs.ataccama.com/one/latest/sources/how-to-connect-to-snowflake-using-jwt-authentication.html
Technical details:
# Generate private key - correct way: openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -v1 PBE-SHA1-3DES -out rsa_private_key.p8 # Generate public key from the private key: openssl rsa -in rsa_private_key.p8 -pubout -out publickey.crt # Set public key to Snowflake account: alter user "<username>" set rsa_public_key='<public key content>'
-
-
OAuth credentials- For Snowflake OAuth authentication, you need to provide Client ID, Client Secret, Token Endpoint, and a Refresh Token (generated in the Ataccama UI during setup). All credentials are stored securely upon saving. -
OAuth user SSO credentials- For SSO authentication, the authentication method needs to be configured to enable seamless access.
BigQuery π
BigQuery uses HTTPS (port 443) for JDBC connections. It requires IAM authentication and access to the Google Cloud project where the dataset is stored. For authentication, OAuth2 or service account keys are typically required.
Port: 443
Driver: provided GoogleBigQueryJDBC42.jar with bigQuery:ibs out-of-the-box within drivers.zip package
JDBC String pattern: jdbc:bigquery://https://www.googleapis.com/bigquery/v2:443;ProjectId=<project_id>;Dataset=<dataset>;
Authentication options:
-
OAuth Google user credentials- Client ID and Client Secret need to be provided and are stored securely upon saving. -
Google service account key credentials- the service account key file needs to be provided and is stored securely upon saving.
Sybaseπ
Sybase Adaptive Server Enterprise (ASE) typically uses TCP port 5000 (default) for connections and supports JDBC. It requires access to the Sybase server hostname/IP, database name, and authentication details. Secure access can be enforced using SSL/TLS and firewall rules.
Port: 5000
Driver: provided jtds-*.jar out-of-the-box within drivers.zip package
JDBC String pattern: jdbc:jtds:sybase://<hostname>:<port>;DatabaseName =<database>
Authentication options:
-
Username and password- A username and password are required to establish a connection to the JDBC datasource. Credentials are provided in the Ataccama UI and stored securely. A read-only user is sufficient, as Ataccama never writes back to the clientβs datasource.
Derby π
Apache Derby is an embedded or client-server database that uses TCP port 1527 by default for network connections. It supports JDBC connections in both embedded and server modes.
Port: 1527
Driver: provided derbyclient-*.jar with derbyLibs out-of-the-box within drivers.zip package
JDBC String pattern: jdbc:derby:<database_path>;create=true
Authentication options:
-
Username and password- A username and password are required to establish a connection to the JDBC datasource. Credentials are provided in the Ataccama UI and stored securely. A read-only user is sufficient, as Ataccama never writes back to the clientβs datasource.
Hope you find these useful! Let us know if you have any questions in the comments below.