In addition to account authorization, you can access data in Tablestore by using AccessKey pairs on MaxCompute.


Get the AccessKey credentials (that is, AccessKeyId and AccessKeySecret) for the account that owns the target Tablestore resources. If the AccessKey pair is for a Resource Access Management (RAM) user, the RAM user must be granted at least the following permissions to operate the Tablestore resources:

  "Version": "1",
  "Statement": [
      "Action": [
      "Resource": "*",
      "Effect": "Allow"

--You can also add other permissions.

Allow MaxCompute to access Tablestore by using AccessKey pairs

Unlike account authorization, you must specify the AccessKey pairs information in the LOCATION clause when you create an external table.

LOCATION 'tablestore://${AccessKeyId}:${AccessKeySecret}@${InstanceName}. ${Region}'

Assume that the following information is what MaxCompute must access:

AccessKeyId AccessKeySecret Instance name Region Network mode
abcd 1234 cap1 cn-hangzhou Intranet access

The statement to create the external table is:

CREATE EXTERNAL TABLE ads_log_ots_pt_external
vid bigint,
gt bigint,
longitude double,
latitude double,
distance double ,
speed double,
oil_consumption double
STORED BY 'com.aliyun.odps.TableStoreStorageHandler'
'tablestore.columns.mapping'=':vid, :gt, longitude, latitude, distance, speed, oil_consumption',
LOCATION 'tablestore://'

For more information about accessing data, see the "Step 3: Use an external table to access Tablestore data" section of the Use MaxCompute to access Tablestore topic.