-- Create a role for data engineers
CREATE ROLE data_engineer;
-- Grant ability to create and manage locations
GRANT CREATE LOCATION ON ACCOUNT "my_account" TO data_engineer;
GRANT MODIFY ANY LOCATION ON ACCOUNT "my_account" TO data_engineer;
-- Grant ability to use locations
GRANT USAGE ANY LOCATION ON ACCOUNT "my_account" TO data_engineer;
-- Create and use a location
CREATE LOCATION production_data WITH
SOURCE = AMAZON_S3
CREDENTIALS = (AWS_ROLE_ARN = 'arn:aws:iam::123456789012:role/DataAccess')
URL = 's3://company-data/';
-- Create an external table using the location
CREATE EXTERNAL TABLE sales_data (
customer_id INT,
purchase_date DATE,
amount DECIMAL(10,2)
)
LOCATION = production_data
OBJECT_PATTERN = 'sales/*.parquet'
TYPE = PARQUET;
