Posted On: Jul 6, 2021
Amazon Athena users can now leverage the reusability, simplification, and security benefits of parameterized queries. Available today, parameterized queries let analysts save time and eliminate errors by converting queries that have frequently modified criteria, such as date filters or aggregation periods, into a single parameterized query that serves multiple use cases. Application developers can use them to safeguard against SQL injection risks and simplify application integrations that generate SQL based on a user’s selections.
Getting started with parameterized queries is simple for all users. Start by identifying a query that would benefit from parameterization. An example is a query for retail sales metrics where the filters for product category, region, and date can vary from one execution to the next. Instead of manually modifying the logic in your SQL code each time you run the query, you can use variables for product category, region, and date whose values are provided when executing the query.
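The retail sales case described above, written with Athena's `PREPARE` / `EXECUTE ... USING` statements. This is an added example, not part of the original announcement; the table `retail_sales`, its columns, the statement name `sales_by_filter` and all values are hypothetical.

```sql
-- Hypothetical table: retail_sales(product_category, region, sale_date, amount).
-- Define the query once. Each ? is a positional parameter whose value is
-- supplied at execution time and bound as a literal value, not as SQL text.
PREPARE sales_by_filter FROM
SELECT product_category,
       region,
       SUM(amount) AS total_sales,
       COUNT(*)    AS order_count
FROM retail_sales
WHERE product_category = ?
  AND region = ?
  AND sale_date BETWEEN ? AND ?
GROUP BY product_category, region;

-- Run 1: values are given in the same order as the ? placeholders.
EXECUTE sales_by_filter
USING 'electronics', 'us-west', DATE '2021-06-01', DATE '2021-06-30';

-- Run 2: same statement, different criteria. The query logic is not edited,
-- so the filters and grouping cannot drift between runs.
EXECUTE sales_by_filter
USING 'apparel', 'eu-central', DATE '2021-01-01', DATE '2021-03-31';

-- Remove the prepared statement when it is no longer needed.
DEALLOCATE PREPARE sales_by_filter;
```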
Parameterized queries are available in SELECT, CTAS, and INSERT INTO queries through the Athena console, API, and SQL clients using Athena’s ODBC or JDBC drivers. To learn more, see Querying with Prepared Statements.