All Products
Search

This Product

    Tablestore:Allow MaxCompute to access Tablestore by using AccessKey pairs

    Document Center

    Tablestore:Allow MaxCompute to access Tablestore by using AccessKey pairs

    Last Updated:Aug 19, 2024

    In addition to account authorization, you can access Tablestore data by using the AccessKey pair of a RAM user in MaxCompute.

    Prerequisites

    The following operations are performed in the Resource Access Management (RAM) console:

    • A RAM user is created and permissions to manage Tablestore are granted to the RAM user.

      Warning

      If the AccessKey pair of your Alibaba Cloud account is leaked, your resources are exposed to potential risks. We recommend that you use the AccessKey pair of a RAM user to perform operations. This prevents the AccessKey pair of your Alibaba Cloud account from being leaked.

      The RAM user must be granted at least the permissions that are specified in the following policy:

      {
  "Version": "1",
  "Statement": [
    {
      "Action": [
        "ots:ListTable",
        "ots:DescribeTable",
        "ots:GetRow",
        "ots:PutRow",
        "ots:UpdateRow",
        "ots:DeleteRow",
        "ots:GetRange",
        "ots:BatchGetRow",
        "ots:BatchWriteRow",
        "ots:ComputeSplitPointsBySize"
      ],
      "Resource": "*",
      "Effect": "Allow"
    }
  ]
}

--You can also specify other permissions.

    • An AccessKey pair is created for the RAM user. For more information, see Create an AccessKey pair.

    Allow MaxCompute to access Tablestore by using the AccessKey pair of a RAM user

    Unlike account authorization, you must specify the AccessKey pair information in the LOCATION clause when you create an external table.

    LOCATION 'tablestore://${AccessKeyId}:${AccessKeySecret}@${InstanceName}.${Region}.ots-internal.aliyuncs.com'

    The following table describes the information that is required to access Tablestore resources in this example.

    AccessKeyId

    AccessKeySecret

    Instance name

    Region

    Network Type

    abcd

    1234

    cap1

    cn-hangzhou

    Access over the internal network

    You can execute the following statement to create an external table:

    CREATE EXTERNAL TABLE ads_log_ots_pt_external
(
vid bigint,
gt bigint,
longitude double,
latitude double,
distance double ,
speed double,
oil_consumption double
)
STORED BY 'com.aliyun.odps.TableStoreStorageHandler'
WITH SERDEPROPERTIES (
'tablestore.columns.mapping'=':vid, :gt, longitude, latitude, distance, speed, oil_consumption',
'tablestore.table.name'='vehicle_track'
)
LOCATION 'tablestore://abcd:1234@cap1.cn-hangzhou.ots-internal.aliyuncs.com'

    For information about how to access data, see Step 3: Use the external table to access Tablestore data in Use MaxCompute to access Tablestore.