1. Utilities
  2. External Tables
  3. ORACLE_BIGDATA Access Driver
  4. Setting Up Credentials and Location Parameters for Object Stores

17.3 Setting Up Credentials and Location Parameters for Object Stores

You create credential objects and then specify the object store URI.

Parent topic: ORACLE_BIGDATA Access Driver

17.3.1 How to Create a Credential for Object Stores

To create your credential object, use the DBMS_CLOUD.CREATE_CREDENTIAL procedure.

The credential object contains the username and password information needed to access the object store. Depending on your use case, you can use either an authorizatoin (auth) token, or use Oracle Cloud Infrastructure (OCI) native credentials. If you work with OCI Object Storage, then Oracle recommends that you use the OCI native method.

Note:

You must have the DBMS_CLOUD package installed.

Parent topic: Setting Up Credentials and Location Parameters for Object Stores

17.3.1.1 Creating the Credential Object with DBMS_CREDENTIAL.CREATE_CREDENTIAL

The DBMS_CLOUD.CREATE_CREDENTIAL procedure enables you to authenticate access to an external object store.

Parent topic: How to Create a Credential for Object Stores

17.3.1.1.1 Auth Token-Based Credentials

When you are working with Cloud services that require username and an auth token for access, use this method, replacing the values with the values required for your service.

Example 17-1 Auth Token-Based Credentials

BEGIN
DBMS_CLOUD.CREATE_CREDENTIAL(
    credential_name => 'AUTH_TOKEN_CRED',
    username        => 'username@example.com',
    password        => 'auth_token');
END;
17.3.1.1.2 Native Oracle Cloud Infrastructure (OCI) Credentials

When you are working with OCI Object Storage, use this method.

Example 17-2 Native Oracle Cloud Infrastructure (OCI) Credentials (Preferred for OCI Object Storage)

Using OCI credentials enables you to provide tenancy and user details in a secure way.

In the following example, OCI_CRED is the Oracle Cloud Infrastructure user name, ocid1.user.oc1..aaaaa... is the Oracle Cloud Identifier (OCID), ocid1.tenancy.oc1..aabbb... is the Oracle Cloud tenancy identifier, MIIEogIBAAKCAQEAtUnx...JEBg= is the SSH private key, and f2:db:f9:18:a4:aa:... is the public key fingerprint: 

BEGIN
DBMS_CLOUD.CREATE_CREDENTIAL (
       credential_name => ‘OCI_CRED’,
       user_ocid       => ‘ocid1.user.oc1..aaaaa...’,
       tenancy_ocid    => ‘ocid1.tenancy.oc1..aabbb...’,
       private_key     => ‘MIIEogIBAAKCAQEAtUnx...JEBg=’,
       fingerprint     => ‘f2:db:f9:18:a4:aa:...’);
END;

17.3.2 How to Define the Location Clause for Object Storage

Use these examples to see how you can specify the object store URI, depending on its source.

LOCATION is a URI pointing to data in the object store. Currently supported object stores are Oracle Object Store, Amazon S3 and Azure Blob Storage. To see a full list, refer to "CREATE_CREDENTIAL Procedure" in Oracle Database PL/SQL Packages and Types Reference:

DBMS_CLOUD CREATE_CREDENTIAL Procedure

In the examples, the following variables are used:

  • region – tenancy region
  • container – name of a container resource
  • namespace – namespace in a region
  • bucket – a logical container for storing objects that has a globally unique identifier
  • objectname – a unique identifier for an object in a bucket
  • storage_account – the name of the Azure Storage account used to access the Azure Blob Storage.

Example 17-3 Native Oracle Cloud Infrastructure Object Storage

location ('https://objectstorage.region.oraclecloud.com/n/namespace/b/bucket/o/objectname')

Example 17-4 Oracle Cloud Infrastructure Object Storage

location ('https://swiftobjectstorage.region.oraclecloud.com/v1/namespace/bucket/objectname'

Example 17-5 Amazon Web Service AWS S3 Storage Format

location ('https://s3.region.amazonaws.com/bucket/objectname')

Example 17-6 Microsoft Azure Blob Storage Format

location ('https://storage_account.blob.core.windows.net/container/objectname')

Related Topics

Parent topic: Setting Up Credentials and Location Parameters for Object Stores