Prerequisites - Amazon Keyspaces (for Apache Cassandra)


You must complete the following tasks before you can start this tutorial.

  1. If you have not already done so, sign up for an AWS account by following the steps at Signing up for AWS.

  2. Create credentials by following the steps at Creating credentials to access Amazon Keyspaces programmatically.


    DSBulk currently only supports service-specific credentials. If you prefer to manage access to Amazon Keyspaces by using AWS Identity and Access Management users and roles, you can use the SigV4 authentication plugin and disable the service-specific credentials after you complete data upload with DSBulk.

  3. Create a JKS trust store file.

    1. Download the Starfield digital certificate using the following command and save sf-class2-root.crt locally or in your home directory.

      curl -O

      You can also use the Amazon digital certificate to connect to Amazon Keyspaces and can continue to do so if your client is connecting to Amazon Keyspaces successfully. The Starfield certificate provides additional backwards compatibility for clients using older certificate authorities.

    2. Convert the Starfield digital certificate into a trustStore file.

      openssl x509 -outform der -in sf-class2-root.crt -out temp_file.der keytool -import -alias cassandra -keystore cassandra_truststore.jks -file temp_file.der

      In this step, you need to create a password for the keystore and trust this certificate. The interactive command looks like this.

      Enter keystore password: Re-enter new password: Owner: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US Serial number: 0 Valid from: Tue Jun 29 17:39:16 UTC 2004 until: Thu Jun 29 17:39:16 UTC 2034 Certificate fingerprints: MD5: 32:4A:4B:BB:C8:63:69:9B:BE:74:9A:C6:DD:1D:46:24 SHA1: AD:7E:1C:28:B0:64:EF:8F:60:03:40:20:14:C3:D0:E3:37:0E:B5:8A SHA256: 14:65:FA:20:53:97:B8:76:FA:A6:F0:A9:95:8E:55:90:E4:0F:CC:7F:AA:4F:B7:C2:C8:67:75:21:FB:5F:B6:58 Signature algorithm name: SHA1withRSA Subject Public Key Algorithm: 2048-bit RSA key Version: 3 Extensions: #1: ObjectId: Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: BF 5F B7 D1 CE DD 1F 86 F4 5B 55 AC DC D7 10 C2 ._.......[U..... 0010: 0E A9 88 E7 .... ] [OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US] SerialNumber: [ 00] ] #2: ObjectId: Criticality=false BasicConstraints:[ CA:true PathLen:2147483647 ] #3: ObjectId: Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: BF 5F B7 D1 CE DD 1F 86 F4 5B 55 AC DC D7 10 C2 ._.......[U..... 0010: 0E A9 88 E7 .... ] ] Trust this certificate? [no]: y
  4. Set up the Cassandra Query Language shell (cqlsh) connection and confirm that you can connect to Amazon Keyspaces by following the steps at Using cqlsh to connect to Amazon Keyspaces.

  5. Download and install DSBulk.

    1. To download DSBulk, you can use the following code.

      curl -OL
    2. Then unpack the tar file and add DSBulk to your PATH as shown in the following example.

      tar -zxvf dsbulk-1.8.0.tar.gz # add the DSBulk directory to the path export PATH=$PATH:./dsbulk-1.8.0/bin
    3. Create an application.conf file to store settings to be used by DSBulk. You can save the following example as ./dsbulk_keyspaces.conf. Replace localhost with the contact point of your local Cassandra cluster if you are not on the local node, for example the DNS name or IP address. Replace username and password with your server credentials. Take note of the file name and path, as you're going to need to specify this later in the dsbulk load command.

      datastax-java-driver { = [ "localhost"] advanced.auth-provider { class = PlainTextAuthProvider username = "username" password = "password" } }