Setting Up a Test User and Privileges
As an administrative user, set up a test user and grant the necessary privileges to the user to run the following examples.
DELETE USER nos_usr; DROP USER nos_usr; CREATE USER nos_usr FROM dbc AS PERMANENT=30e8 PASSWORD=nos; GRANT CREATE TABLE on nos_usr to nos_usr; GRANT EXECUTE FUNCTION on TD_SYSFNLIB.READ_NOS to nos_usr; GRANT CREATE AUTHORIZATION on nos_usr to nos_usr; GRANT CREATE DATASET SCHEMA ON SYSUDTLIB TO nos_usr; GRANT CREATE FUNCTION ON nos_usr to nos_usr;
Setting Up an Authorization Object and a Function Mapping
Create an authorization object:
CREATE AUTHORIZATION DefAuth AS DEFINER TRUSTED USER 'YOUR-ACCESS-KEY-ID' PASSWORD 'YOUR-SECRET-ACCESS-KEY';
Create a function mapping:
CREATE FUNCTION MAPPING READ_NOS_FM FOR READ_NOS EXTERNAL SECURITY DEFINER TRUSTED DefAuth USING BUFFERSIZE, SAMPLE_PERC, ROWFORMAT, RETURNTYPE, HEADER, MANIFEST, LOCATION, STOREDAS, FULLSCAN, ANY IN TABLE;
See Restricting Foreign Table Access with an AUTHORIZATION Object and Using Function Mapping to Prevent Exposed Credentials in Queries.