Overview

This code block demonstrates how to create a foreign table over Azure Blob Storage.

CREATE FOREIGN DATA WRAPPER <wrapper_name>
HANDLER azblob_fdw_handler
VALIDATOR azblob_fdw_validator;

CREATE SERVER <server_name>
FOREIGN DATA WRAPPER <wrapper_name>;

-- Replace the dummy schema with the actual schema
CREATE FOREIGN TABLE <table_name> ("x" INT)
SERVER <server_name>
OPTIONS (path '<path>', extension '<extension>');
wrapper_name
required

Foreign data wrapper name. Can be any string.

server_name
required

Foreign server name. Can be any string.

table_name
required

Foreign table name. Can be any string.

Options for CREATE SERVER

endpoint
required

The endpoint used by Azure Blob Storage. For instance, https://<accountname>.blob.core.windows.net.

encryption_algorithm

The encryption algorithm used by the backend. Accepted values are AES256.

Options for CREATE FOREIGN TABLE

path
required

Must start with an Azure scheme like az:// and point to the location of your file. The path should end in a / if it points to a directory of partitioned Parquet files.

extension
required

One of avro, csv, json, and parquet.

format

For now, only delta is supported for Delta Lake (Iceberg is coming soon). If omitted, no table format is assumed.

Azure Blob Storage Credentials

CREATE USER MAPPING is used to pass in credentials for private buckets.

-- Get the name of the current user
SELECT current_user;
 current_user
--------------
 myuser

-- Run this before CREATE FOREIGN TABLE
CREATE USER MAPPING FOR <current_user>
SERVER <server_name>
OPTIONS (
  account_key '<account_key>',
  account_name '<account_name>'
);

-- Now, run CREATE FOREIGN TABLE
current_user
required

The name of the Postgres user. If set to public, these credentials will be applied to all users.

server_name
required

Foreign server name.

Options for CREATE USER MAPPING

account_key
The Azure account key.
account_name
The Azure account name.
connection_string

A connection string for Azure.

customer_provided_key

A customer-provided key (CPK) used for server-side encryption.

encryption_key

A Base64-encoded key that matches algorithm specified in encryption_algorithm.

encryption_key_sha256

A Base64-encoded SHA256 digest of the key specified in encryption_key.