This will create platform super-user which is used to bootstrap new Athena environment keys. Do not use this user to run and deploy environments.

Athena by default runs in AWS. There is no tight lock-in in AWS and it is possible to run Athena on any infrastructure but nevertheless AWS is default target and this guide will focus on starting new Athena platform instance in an empty AWS account.

AWS Athena super-user

  • Open AWS IAM.
  • Open Groups, create new group AthenaSuperUser.
  • Attach AWS policies AmazonEC2FullAccess, IAMFullAccess to a group.
  • Add IAM user to newly created group and download users AWS access ID and KEY

Public domain

Athena needs a publicly registered domain (for example that is hosted in AWS Route53 to be able to add publicly accessible host records for deployed services.

SSL keys and certificates

Athena needs wild-card (for example: with CN * SSL certificate to be able to expose domain deployed services (for example: service

Simple email Service

Athena uses AWS SES to send platform generated emails. It is necessary to setup and validate FROM email addresses in AWS SES that will be used to send out platform emails. Common name for FROM address to be validated is