Skip to main content
Several authentication schemes across multiple providers are supported. For a detailed overview of all of the provider-specific options, see the SQL documentation.

Azure

CREATE CREDENTIAL azure_cred
TYPE = 'azure_storage_key',
IDENTITY = 'sampleacc',
SECRET = 'foobaz123'

Google Cloud Storage

CREATE CREDENTIAL gcs_cred
TYPE = 'gcs_service_account_id',
IDENTITY = 'auser@auser.iam.gserviceaccount.com',
SECRET = '-----BEGIN PRIVATE KEY-----\nABCDEFG=\n-----END PRIVATE KEY-----\n'

HDFS

CREATE CREDENTIAL hdfs_cred
TYPE = 'hdfs',
IDENTITY = 'jdoe',
SECRET = 'foobaz123'

JDBC

CREATE CREDENTIAL jdbc_cred
TYPE = 'jdbc',
IDENTITY = 'auser',
SECRET = 'Passw0rd!'

Kafka (Apache)

CREATE CREDENTIAL kafka_cred
TYPE = 'kafka'
WITH OPTIONS
(
    'security.protocol' = 'SSL',
    'ssl.ca.location' = 'kifs://ssl/ca-bundle.crt'
)

Kafka (Confluent)

CREATE CREDENTIAL confluent_cred
TYPE = 'confluent'
WITH OPTIONS
(
    'security.protocol' = 'SSL',
    'ssl.ca.location' = 'kifs://ssl/ca-bundle.crt'
)

Remote Repository

CREATE CREDENTIAL docker_cred
TYPE = 'docker',
IDENTITY = 'auser',
SECRET = 'Passw0rd!'

S3 (Amazon)

CREATE CREDENTIAL s3_cred
TYPE = 'aws_access_key',
IDENTITY = 'AKIAIOSFODNN7EXAMPLE',
SECRET = 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY'