-- `finance` can create an external table over specific object within the `finance_loc` location
> CREATE TABLE sec_filings LOCATION 'abfss://container@storageaccount.dfs.core.windows.net/depts/finance/sec_filings';
-- Create or replace an external table from a query
> CREATE OR REPLACE TABLE sec_filings
LOCATION 'abfss://container@storageaccount.dfs.core.windows.net/depts/finance/sec_filings'
AS (SELECT * FROM current_filings);
-- Cannot list files under an external table without permissions on it
> LIST `abfss://container@storageaccount.dfs.core.windows.net/depts/finance/sec_filings`
Error
> LIST `abfss://container@storageaccount.dfs.core.windows.net/depts/finance/sec_filings/_delta_log`
Error
-- Grant access to sec_filings to all employees
> GRANT SELECT ON TABLE sec_filings TO employee;
-- Any member of the `employee` group can securely read sec_filings
> SELECT count(1) FROM sec_filings;
20
-- Any member of the `employee` group can list files under the sec_filings table
> LIST `abfss://container@storageaccount.dfs.core.windows.net/depts/finance/sec_filings`
_delta_log
> LIST `abfss://container@storageaccount.dfs.core.windows.net/depts/finance/sec_filings/_delta_log`
00000.json