Table of Contents

Search

  1. Preface
  2. Part 1: Introduction to Amazon Redshift connectors
  3. Part 2: Data Integration with Amazon Redshift V2 Connector
  4. Part 3: Data Integration with Amazon Redshift Connector

Amazon Redshift Connectors

Amazon Redshift Connectors

Administration of Amazon Redshift V2 Connector

Administration of Amazon Redshift V2 Connector

As a user, you can use Amazon Redshift V2 Connector after the organization administrator ensures that users have access to the Secure Agent directory that contains the success and error files. The directory path must be the same on each Secure Agent machine in the runtime environment. The organization administrator must also perform the following tasks:
  • Get the Amazon Redshift JDBC URL.
  • Manage Authentication. Use either of the following two methods:
    • Create an Access Key ID and Secret Access Key.
      Provide the values for access key ID and secret access key when you configure the Amazon Redshift V2 connection. For more information about creating an access key ID and secret access key, see the AWS documentation.
    • Configure AWS Identity and Access Management (IAM) Authentication to enhance security.
      If you use IAM authentication, do not provide access key ID and secret access key explicitly in the Amazon Redshift V2 connection. Instead, you must create an Redshift Role Amazon Resource Name (ARN), add the minimal Amazon S3 bucket policy to the Redshift Role ARN, and add the Redshift Role ARN to the Redshift cluster.
      Provide the Redshift Role ARN in the AWS_IAM_ROLE option in the UNLOAD and COPY commands when you create a task.
      If you specify both, access key ID and secret access key in the connection properties and AWS_IAM_ROLE in the UNLOAD and COPY commands, AWS_IAM_ROLE takes the precedence.
      You must add IAM EC2 role and IAM Redshift role to the customer master key when you use IAM authentication and server-side encryption using customer master key.
      Hosted Agent does not support IAM authentication. For more information about how to configure IAM authentication for Amazon Redshift V2 Connector, see IAM authentication
  • Configure Amazon Redshift for SSL if you want to support an SSL connection.
  • Create a master symmetric key if you want to enable client-side encryption.
  • Create an AWS Key Management Service (AWS KMS)-managed customer master key if you want to enable server-side encryption.
  • Create minimal Amazon S3 bucket policy for Amazon Redshift V2 Connector.
  • To access the data catalog and the data files in Amazon S3 by using Amazon Redshift Spectrum, ensure that the Amazon Redshift cluster has the required authorization.
  • Configure a CDC source if you want to create a mapping to capture changed data from the CDC source, and then run the associated mapping tasks to write the changed data to an Amazon Redshift target.
    To create a mapping with a CDC source, ensure that you have the PowerExchangeClient and CDC licenses.
  • To run
    elastic mappings
    successfully, ensure that the Redshift cluster and the
    elastic cluster
    reside in the same virtual private cloud (VPC).
  • To use Amazon Resource Name (ARN) for cross-account access, ensure that you follow prerequisites described by AWS. For more information, see the Amazon documentation.