Using the Amazon Glue Data Catalog as the metastore for Hive - Amazon EMR
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Using the Amazon Glue Data Catalog as the metastore for Hive

Using Amazon EMR release 5.8.0 or later, you can configure Hive to use the Amazon Glue Data Catalog as its metastore. We recommend this configuration when you require a persistent metastore or a metastore shared by different clusters, services, applications, or Amazon accounts.

Amazon Glue is a fully managed extract, transform, and load (ETL) service that makes it simple and cost-effective to categorize your data, clean it, enrich it, and move it reliably between various data stores. The Amazon Glue Data Catalog provides a unified metadata repository across a variety of data sources and data formats, integrating with Amazon EMR as well as Amazon RDS, Amazon Redshift, Redshift Spectrum, Athena, and any application compatible with the Apache Hive metastore. Amazon Glue crawlers can automatically infer schema from source data in Amazon S3 and store the associated metadata in the Data Catalog. For more information about the Data Catalog, see Populating the Amazon Glue Data Catalog in the Amazon Glue Developer Guide.

Separate charges apply for Amazon Glue. There is a monthly rate for storing and accessing the metadata in the Data Catalog, an hourly rate billed per minute for Amazon Glue ETL jobs and crawler runtime, and an hourly rate billed per minute for each provisioned development endpoint. The Data Catalog allows you to store up to a million objects at no charge. If you store more than a million objects, you are charged USD$1 for each 100,000 objects over a million. An object in the Data Catalog is a table, partition, or database. For more information, see Glue Pricing.


If you created tables using Amazon Athena or Amazon Redshift Spectrum before August 14, 2017, databases and tables are stored in an Athena-managed catalog, which is separate from the Amazon Glue Data Catalog. To integrate Amazon EMR with these tables, you must upgrade to the Amazon Glue Data Catalog. For more information, see Upgrading to the Amazon Glue Data Catalog in the Amazon Athena User Guide.

Specifying Amazon Glue Data Catalog as the metastore

You can specify the Amazon Glue Data Catalog as the metastore using the Amazon Web Services Management Console, Amazon CLI, or Amazon EMR API. When you use the CLI or API, you use the configuration classification for Hive to specify the Data Catalog. In addition, with Amazon EMR 5.16.0 and later, you can use the configuration classification to specify a Data Catalog in a different Amazon Web Services account. When you use the console, you can specify the Data Catalog using Advanced Options or Quick Options.

New console
To specify Amazon Glue Data Catalog as the Hive metastore with the new console
  1. Sign in to the Amazon Web Services Management Console, and open the Amazon EMR console at

  2. Under EMR on EC2 in the left navigation pane, choose Clusters, and then choose Create cluster.

  3. Under Application bundle, choose Core Hadoop, HBase, or Custom. If you customize your cluster, make sure that you select Hive or HCatalog as one of your applications.

  4. Under Amazon Glue Data Catalog settings, select the Use for Hive table metadata check box.

  5. Choose any other options that apply to your cluster.

  6. To launch your cluster, choose Create cluster.

Old console
To specify Amazon Glue Data Catalog as the Hive metastore with the old console
  1. Navigate to the new Amazon EMR console and select Switch to the old console from the side navigation. For more information on what to expect when you switch to the old console, see Using the old console.

  2. Choose Create cluster, Go to advanced options.

  3. For Release, choose emr-5.8.0 or later.

  4. Under Release, select Hive or HCatalog.

  5. Under Amazon Glue Data Catalog settings select Use for Hive table metadata.

  6. Choose other options for your cluster as appropriate, choose Next, and then configure other cluster options as appropriate for your application.

To specify the Amazon Glue Data Catalog as the Hive metastore with the Amazon CLI

For more information about specifying a configuration classification using the Amazon CLI and EMR API, see Configure applications.

  • Specify the value for hive.metastore.client.factory.class using the hive-site configuration classification as shown in the following example:

    [ { "Classification": "hive-site", "Properties": { "hive.metastore.client.factory.class": "com.amazonaws.glue.catalog.metastore.AWSGlueDataCatalogHiveClientFactory" } } ]

    On EMR release versions 5.28.0, 5.28.1, 5.29.0, or 6.x, if you're creating a cluster using the Amazon Glue Data Catalog as the metastore, set the hive.metastore.schema.verification to false. This prevents Hive and HCatalog from validating the metastore schema against MySQL. Without this configuration, the primary instance group will become suspended after reconfiguration on Hive or HCatalog.

    [ { "Classification": "hive-site", "Properties": { "hive.metastore.client.factory.class": "com.amazonaws.glue.catalog.metastore.AWSGlueDataCatalogHiveClientFactory", "hive.metastore.schema.verification": "false" } } ]

    If you already have a cluster on EMR release version 5.28.0, 5.28.1, or 5.29.0, you can set the primary instance group hive.metastore.schema.verification to false with following information:

    Classification = hive-site Property = hive.metastore.schema.verification Value = false

    To specify a Data Catalog in a different Amazon account, add the hive.metastore.glue.catalogid property as shown in the following example. Replace acct-id with the Amazon account of the Data Catalog.

    [ { "Classification": "hive-site", "Properties": { "hive.metastore.client.factory.class": "com.amazonaws.glue.catalog.metastore.AWSGlueDataCatalogHiveClientFactory", "hive.metastore.schema.verification": "false", "hive.metastore.glue.catalogid": "acct-id" } } ]

IAM permissions

The EC2 instance profile for a cluster must have IAM permissions for Amazon Glue actions. In addition, if you enable encryption for Amazon Glue Data Catalog objects, the role must also be allowed to encrypt, decrypt and generate the Amazon KMS key used for encryption.

Permissions for Amazon Glue actions

If you use the default EC2 instance profile for Amazon EMR, no action is required. The AmazonElasticMapReduceforEC2Role managed policy that is attached to the EMR_EC2_DefaultRole allows all necessary Amazon Glue actions. However, if you specify a custom EC2 instance profile and permissions, you must configure the appropriate Amazon Glue actions. Use the AmazonElasticMapReduceforEC2Role managed policy as a starting point. For more information, see Service role for cluster EC2 instances (EC2 instance profile) in the Amazon EMR Management Guide.

Permissions for encrypting and decrypting Amazon Glue Data Catalog

Your instance profile needs permission to encrypt and decrypt data using your key. You do not need to configure these permissions if both of the following statements apply:

  • You enable encryption for Amazon Glue Data Catalog objects using managed keys for Amazon Glue.

  • You use a cluster that's in the same Amazon Web Services account as the Amazon Glue Data Catalog.

Otherwise, you must add the following statement to the permissions policy attached to your EC2 instance profile.

[ { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "kms:Decrypt", "kms:Encrypt", "kms:GenerateDataKey" ], "Resource": "arn:aws:kms:region:acct-id:key/12345678-1234-1234-1234-123456789012" } ] } ]

For more information about Amazon Glue Data Catalog encryption, see Encrypting your data catalog in the Amazon Glue Developer Guide.

Resource-based permissions

If you use Amazon Glue in conjunction with Hive, Spark, or Presto in Amazon EMR, Amazon Glue supports resource-based policies to control access to Data Catalog resources. These resources include databases, tables, connections, and user-defined functions. For more information, see Amazon Glue Resource Policies in the Amazon Glue Developer Guide.

When using resource-based policies to limit access to Amazon Glue from within Amazon EMR, the principal that you specify in the permissions policy must be the role ARN associated with the EC2 instance profile that is specified when a cluster is created. For example, for a resource-based policy attached to a catalog, you can specify the role ARN for the default service role for cluster EC2 instances, EMR_EC2_DefaultRole as the Principal, using the format shown in the following example:


The acct-id can be different from the Amazon Glue account ID. This enables access from EMR clusters in different accounts. You can specify multiple principals, each from a different account.

Considerations when using Amazon Glue Data Catalog

Consider the following items when using the Amazon Glue Data Catalog as the metastore with Hive:

  • Adding auxiliary JARs using the Hive shell is not supported. As a workaround, use the hive-site configuration classification to set the hive.aux.jars.path property, which adds auxiliary JARs into the Hive classpath.

  • Hive transactions are not supported.

  • Renaming tables from within Amazon Glue is not supported.

  • When you create a Hive table without specifying a LOCATION, the table data is stored in the location specified by the hive.metastore.warehouse.dir property. By default, this is a location in HDFS. If another cluster needs to access the table, it fails unless it has adequate permissions to the cluster that created the table. Furthermore, because HDFS storage is transient, if the cluster terminates, the table data is lost, and the table must be recreated. We recommend that you specify a LOCATION in Amazon S3 when you create a Hive table using Amazon Glue. Alternatively, you can use the hive-site configuration classification to specify a location in Amazon S3 for hive.metastore.warehouse.dir, which applies to all Hive tables. If a table is created in an HDFS location and the cluster that created it is still running, you can update the table location to Amazon S3 from within Amazon Glue. For more information, see Working with Tables on the Amazon Glue Console in the Amazon Glue Developer Guide.

  • Partition values containing quotes and apostrophes are not supported, for example, PARTITION (owner="Doe's").

  • Column statistics are supported for emr-5.31.0 and later.

  • Using Hive authorization is not supported. As an alternative, consider using Amazon Glue Resource-Based Policies. For more information, see Use Resource-Based Policies for Amazon EMR Access to Amazon Glue Data Catalog.

  • Hive constraints are not supported.

  • Cost-based Optimization in Hive is not supported.

  • Setting is not supported.


  • When you use a predicate expression, explicit values must be on the right side of the comparison operator, or queries might fail.

    • Correct: SELECT * FROM mytable WHERE time > 11

    • Incorrect: SELECT * FROM mytable WHERE 11 > time

  • Amazon EMR versions 5.32.0 and 6.3.0 and later support using user-defined functions (UDFs) in predicate expressions. When using earlier versions, your queries may fail because of the way Hive tries to optimize query execution.

  • Temporary tables are not supported.

  • We recommend creating tables using applications through Amazon EMR rather than creating them directly using Amazon Glue. Creating a table through Amazon Glue may cause required fields to be missing and cause query exceptions.

  • In EMR 5.20.0 or later, parallel partition pruning is enabled automatically for Spark and Hive when Amazon Glue Data Catalog is used as the metastore. This change significantly reduces query planning time by executing multiple requests in parallel to retrieve partitions. The total number of segments that can be executed concurrently range between 1 and 10. The default value is 5, which is a recommended setting. You can change it by specifying the property aws.glue.partition.num.segments in hive-site configuration classification. If throttling occurs, you can turn off the feature by changing the value to 1. For more information, see Amazon Glue Segment Structure.