# Redshift To connect to your Redshift, the following information is necessary : **Host**, **Cluster Region**, **Aws Account ID**, **Database name**, **Username**, **Password**, **Port** and **Role**. You can read the tutorial bellow on how to obtain these credentials. ## Setup ### IAM Role In the **Properties** tab, scroll down until the **Associated IAM roles** section becomes visible. Select one of the available roles in the table, or, if no roles are available, create a new one by clicking the **Create IAM role** button.

#### Creating a new Role The **Create IAM Role** button on the Redshift page creates a new role and sets it as the default. We recommend using this option if the cluster does not yet have a default role, as it automatically configures both the **AmazonRedshiftAllCommandsFullAccess** policy and an S3 read policy. If the cluster already has a default role, you can create a role directly from the IAM page to avoid replacing the current default role. To do this, type **roles** into the search bar and select the corresponding **IAM Feature**. In **Step 1** of creation, select **Custom trust policy** and paste the trust policy JSON shown below. ```bison { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "redshift.amazonaws.com", "redshift-serverless.amazonaws.com", "sagemaker.amazonaws.com" ] }, "Action": "sts:AssumeRole" } ] } ```

In **Step 2**, search for and add the **AmazonRedshiftAllCommandsFullAccess** policy. Then, either select a custom policy that allows general S3 list and read access, or search for and add the predefined **AmazonS3FullAccess** policy.

In **Step 3**, name the role and review the previous configurations. Note the chosen name, as it will be required when setting up the connector on the platform.

#### Using an existing role If you choose to use an existing role, click on the blue name in the table to be redirected to the main role page, and make sure it has the **AmazonRedshiftAllCommandsFullAccess** policy as well as an additional policy granting permission to list and read objects in S3, as shown in the following policy JSON: ```json { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:GetObject", "s3:ListBucket", "s3:GetBucketLocation" ], "Resource": ["arn:aws:s3:::*", "arn:aws:s3:::*/*"] } ] } ``` Finally, make sure to note the name of the chosen role, as it will be required during the connector creation process on the platform. ### Credentials The credentials needed to register the connector can be found by navigating to the main page of the Redshift instance.

Under **General information**, you can find the AWS account ID within the **Cluster namespace ARN** string, where the ID is the series of numbers between the region and the namespace. From the **Endpoint** string, you can extract the **DB Host**, **Cluster Region**, **DB Port**, and **DB Name**. (In the example image: ```json { "Host": "redshift-cluster-demo.cqi8tt9gzalq.us-east-1.redshift.amazonaws.com", "Region": "us-east-1", "Port": 5439, "Database name": "demo" } ``` ## Connect to Erathos To connect Erathos to your Redshift: 1. **Create a New Destination** * Go to **Settings** > **Data Warehouse**. * Select **Redshift**. 2. **Fill Out the Form** * Input your credentials, such as **Host**, **Cluster Region**, **Aws Account ID**, **Database name**, **Username**, **Password**, **Port** and **Role**. 3. **Advanced Options (Optional)** * Define if the connection should be made through a Static IP or SSH. For more information, plese referer to [Databases connection types](https://docs.erathos.com/connectors/databases#connection-types). {% hint style="info" %} If you need help connecting to your PostgreSQL, reach out to our team at . {% endhint %}