How can this be accomplished?

An Administrator needs to provide end users access to data in a Native Object Store using shared credentials.

How can this be accomplished?
A . Define a FOREIGN TABLE with DEFINER TRUSTED security.
B . Define a FUNCTION MAPPING with INVOKER TRUSTED security.
C . Use an S3 1AM role or Azure SAS token rather than User and Password.
D . Grant users access to a shared AUTHORIZATION object.

View Answer

Answer: D

Explanation:

In Teradata’s Native Object Store, the AUTHORIZATION object stores shared credentials (such as an S3 IAM role, Azure SAS token, or other cloud storage credentials). By granting users access to this shared authorization object, the administrator can allow multiple users to access the object store using the same set of credentials. This simplifies credential management and ensures secure access to the external data source.

Option A (Define a FOREIGN TABLE with DEFINER TRUSTED security) refers to defining a foreign table with a specific security model but does not handle shared credentials directly.

Option B (Define a FUNCTION MAPPING with INVOKER TRUSTED security) relates to function mappings and security contexts for user-defined functions, not directly to shared credentials for accessing an object store.

Option C (Use an S3 IAM role or Azure SAS token rather than User and Password) is a part of how credentials might be managed, but it does not address the mechanism for sharing these credentials among users. The AUTHORIZATION object is the correct method for managing and sharing these credentials securely.