CREATE LOCATION (Iceberg)
Reference and syntax for creating Iceberg locations.
Creates a new location object in your Firebolt account, which is a secure, reusable object that stores the connection details and credentials for Iceberg data sources. Instead of entering these details each time you run a query or create a table, you can use a location object.
This document captures specific and examples for location objects for Iceberg. For more on location objects in general, see CREATE LOCATION.
Iceberg locations currently support three catalog types: REST
, FILE_BASED
, and DATABRICKS_UNITY
(as syntactic sugar top of REST
). Each catalog accepts a different set of parameters and credentials.
Topics:
Syntax
Parameters
Common Parameters
Parameter | Description |
---|---|
<location_name> | A unique identifier for the location within your account. |
SOURCE | The external data source type. Currently, AMAZON_S3 and ICEBERG are supported. This should be ICEBERG for Iceberg locations. |
DESCRIPTION | Optional metadata describing the location’s purpose. |
Iceberg Parameters
Parameter | Description |
---|---|
CATALOG | The type of Iceberg catalog. Supported values: FILE_BASED , REST , or DATABRICKS_UNITY . |
CATALOG_OPTIONS | Configuration options specific to the chosen catalog type. |
CREDENTIALS | Authentication credentials for accessing the Iceberg catalog. Depending on the type of catalog, either AWS or OAuth credentials are used. |
AWS Authentication Parameters
Use AWS authentication parameters for FILE_BASED
catalogs.
Parameter | Description |
---|---|
AWS_ACCESS_KEY_ID | Your AWS access key ID for key-based authentication. |
AWS_SECRET_ACCESS_KEY | Your AWS secret access key for key-based authentication. |
AWS_SESSION_TOKEN | Optional temporary session token for temporary credentials. |
AWS_ROLE_ARN | The ARN of the IAM role to assume for role-based authentication. |
AWS_ROLE_EXTERNAL_ID | Optional external ID for role assumption. |
OAuth Authentication Parameters
Use OAuth authentication parameters for REST
or DATABRICKS_UNITY
catalogs.
Parameter | Description |
---|---|
OAUTH_CLIENT_ID | The OAuth client ID for authentication. |
OAUTH_CLIENT_SECRET | The OAuth client secret for authentication. |
OAUTH_SCOPE | Optional OAuth scope for authentication. |
OAUTH_SERVER_URL | Optional OAuth server URL for authentication. |
Iceberg Catalog-Specific Parameters
FILE_BASED Catalog
Parameter | Description |
---|---|
URL | The URL for the file-based catalog. This must be a valid S3 URL. |
REST Catalog
Parameter | Description |
---|---|
URL | The REST catalog URL. |
WAREHOUSE | The warehouse identifier. |
NAMESPACE | The namespace identifier. |
TABLE | The table name. |
DATABRICKS_UNITY Catalog
Parameter | Description |
---|---|
WORKSPACE_INSTANCE | The Databricks workspace instance. |
CATALOG | The Unity Catalog name. |
SCHEMA | The Unity Catalog schema name. |
TABLE | The Unity Catalog table name. |
Examples
File-based catalog
Used to access Iceberg tables directly from S3.
For file-based Iceberg catalogs, use AWS key-based or role-based authentication in CREDENTIALS
.
With access key and secret:
With access key, secret, and session token:
With role:
With role and external id:
REST catalog
Used to access Iceberg in REST catalogs, that implement the Iceberg REST API spec.
For generic REST Iceberg catalogs, use OAuth parameters for CREDENTIALS
.
Databricks Unity Catalog
Used to access Iceberg tables in a Databricks Unity Catalog. Offered as syntactic sugar on top of CATALOG = 'REST'
, for users who may be more familiar with Databricks Unity Catalog terminology.
For configuring Unity Catalog in your Databricks workspace, see Databricks - Set up and manage Unity Catalog. Note that you will need to enable credential vending in your Unity Catalog, see Databricks - Unity Catalog credential vending for external system access. For general information about reading Databricks tables from Iceberg clients, see Databricks - Read Databricks tables from Iceberg clients.
For Databricks Unity Catalogs, use OAuth parameters for CREDENTIALS
.
Snowflake Open catalog (as a generic REST catalog)
Iceberg tables in Snowflake Open Catalog can currently be read by using a LOCATION
with CATALOG = 'REST'
.
For setting up a Snowflake Open Catalog in your account, see Snowflake - Snowflake Open Catalog overview. Note that you will need to enable credential vending for your Iceberg tables, see Snowflake - Use catalog-vended credentials for Apache Iceberg™ tables. For general information about reading Snowflake Open Catalog tables from Iceberg clients, see Snowflake - Checking your REST catalog configuration.
For Snowflake Open catalogs, use OAuth parameters for CREDENTIALS
.