Example: Controlling Access with an Authorization Object Using User and Password Credentials - Teradata VantageCloud Lake

Lake - Manage and Move Data
Deployment
VantageCloud
Edition
Lake
Product
Teradata VantageCloud Lake
Release Number
Published
February 2025
ft:locale
en-US
ft:lastEdition
2025-05-16
dita:mapPath
atx1683670417382.ditamap
dita:ditavalPath
pny1626732985837.ditaval
dita:id
atx1683670417382

    Prerequisites

  1. If not already done, log on to Analytics Database as an administrative user who can grant others privileges.
  2. Grant the appropriate privileges to the user.
    To create an authorization object, the user needs the CREATE AUTHORIZATION privileges.
  3. Log off as the administrative user.

    4. Create the Authorization Object

  4. To run NOS-related commands, log on to the database as a user with the required privileges.
  5. Create an authorization object in Analytics Database with the credentials to your external object storage.
    Create the authorization object in the same database as the foreign table that uses it.
    CREATE AUTHORIZATION authorization_object
USER 'YOUR-ACCESS-KEY-ID'
PASSWORD 'YOUR-SECRET-ACCESS-KEY';

    See Variable Substitutions for Examples.

    For example, the Teradata-supplied public object storage has an empty string for USER and PASSWORD. To create an authorization object for the public object storage, run:

    CREATE AUTHORIZATION MyAuthObj
USER ''
PASSWORD '';
  6. View the definition of the authorization object. For example:
    SHOW AUTHORIZATION NOS_USR.MyAuthObj;

    Note, the password is not returned in the result.

PostrequisiteIn later examples, the authorization object is linked to a foreign table and in other examples used in READ_NOS and WRITE_NOS statements.