The following is required to complete these steps:
- ARN obtained from creating the IAM on AWS
- Vantage Site ID obtained from your Teradata account team.
- First, complete the steps in Set Up Assume Role on AWS.
- On Analytics Database create an authorization object for access to the external object storage or ask your administrator to create it. For example:
CREATE AUTHORIZATION AUTH_S3 USING AUTHSERVICETYPE 'ASSUME_ROLE' ROLENAME 'arn:aws:iam::915556001112:role/teradata_role' EXTERNALID '915556001112' DURATION_SECONDS '7200';
Where:- ROLENAME contains the ARN obtained from creating the IAM on AWS.
- EXTERNALID is your Vantage Site ID.
- [OPTIONAL] DURATION_SECONDS is the duration in seconds of the role session, used in the execution of CREATE FOREIGN TABLE, SELECT, READ_NOS, and WRITE_NOS.When you omit this clause, the default value is 3600 seconds.
For more examples creating authorization objects, see CREATE AUTHORIZATION and REPLACE AUTHORIZATION Examples.
- Access the external object storage using READ_NOS, WRITE_NOS, or a foreign table. For example, the following query selects data from the S3 bucket using READ_NOS:
SELECT * FROM ( LOCATION = '/s3/sts-test.s3.amazonaws.com/csv_default.csv' AUTHORIZATION = S3_auth) as dt;