Redshift

To connect to your Redshift, the following information is necessary : Host, Cluster Region, Aws Account ID, Database name, Username, Password, Port and Role. You can read the tutorial bellow on how to obtain these credentials.

Setup

IAM Role

In the Properties tab, scroll down until the Associated IAM roles section becomes visible.

Select one of the available roles in the table, or, if no roles are available, create a new one by clicking the Create IAM role button.

Creating a new Role

The Create IAM Role button on the Redshift page creates a new role and sets it as the default. We recommend using this option if the cluster does not yet have a default role, as it automatically configures both the AmazonRedshiftAllCommandsFullAccess policy and an S3 read policy.

If the cluster already has a default role, you can create a role directly from the IAM page to avoid replacing the current default role. To do this, type roles into the search bar and select the corresponding IAM Feature.

In Step 1 of creation, select Custom trust policy and paste the trust policy JSON shown below.

{
    "Version": "2012-10-17", 
    "Statement": [
        {
            "Effect": "Allow", 
            "Principal": {
                "Service": [
                    "redshift.amazonaws.com", 
                    "redshift-serverless.amazonaws.com", 
                    "sagemaker.amazonaws.com"
                ]
            }, 
            "Action":  "sts:AssumeRole"
        }
    ]
}

In Step 2, search for and add the AmazonRedshiftAllCommandsFullAccess policy. Then, either select a custom policy that allows general S3 list and read access, or search for and add the predefined AmazonS3FullAccess policy.

In Step 3, name the role and review the previous configurations. Note the chosen name, as it will be required when setting up the connector on the platform.

Using an existing role

If you choose to use an existing role, click on the blue name in the table to be redirected to the main role page, and make sure it has the AmazonRedshiftAllCommandsFullAccess policy as well as an additional policy granting permission to list and read objects in S3, as shown in the following policy JSON:

{
    "Version": "2012-10-17", 
    "Statement": [
        {
            "Effect": "Allow", 
            "Action": [
                "s3:GetObject", 
                "s3:ListBucket", 
                "s3:GetBucketLocation"
            ], 
            "Resource": ["arn:aws:s3:::*", "arn:aws:s3:::*/*"]
        }
    ]
}

Finally, make sure to note the name of the chosen role, as it will be required during the connector creation process on the platform.

Credentials

The credentials needed to register the connector can be found by navigating to the main page of the Redshift instance.

Under General information, you can find the AWS account ID within the Cluster namespace ARN string, where the ID is the series of numbers between the region and the namespace.

From the Endpoint string, you can extract the DB Host, Cluster Region, DB Port, and DB Name. (In the example image:

{
    "Host": "redshift-cluster-demo.cqi8tt9gzalq.us-east-1.redshift.amazonaws.com",
    "Region": "us-east-1",
    "Port": 5439,
    "Database name": "demo"
}

Connect to Erathos

To connect Erathos to your Redshift:

1. Create a New Destination

   • Go to Settings > Data Warehouse.

   • Select Redshift.

2. Fill Out the Form

   • Input your credentials, such as Host, Cluster Region, Aws Account ID, Database name, Username, Password, Port and Role.

3. Advanced Options (Optional)

   • Define if the connection should be made through a Static IP or SSH. For more information, plese referer to Databases connection types.